Re: SENDMAIL SECURITY ALERT

From: Boggess, Jeff (Boggess.Jeff@PRINCIPAL.COM)
Date: 03/03/03

  • Next message: Russ: "Revised: Microsoft Security Bulletin - MS02-010"
    Date:         Mon, 3 Mar 2003 15:01:07 -0500
    From: "Boggess, Jeff" <Boggess.Jeff@PRINCIPAL.COM>
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Received this alert from the vendor this morning. Thought I would pass it on to the list.

    -----Original Message-----
    From: Wiley Hodges [mailto:wiley@sendmail.com]
    Sent: Monday, March 03, 2003 11:19 AM
    To: alert-current@sendmail.com
    Subject: SENDMAIL SECURITY ALERT

    SECURITY ALERT

    Today Internet Security Systems and the Sendmail Consortium announced
    the discovery of a security vulnerability in the sendmail mail transfer
    agent.

    This vulnerability is serious, and Sendmail, Inc. urges customers to
    apply the supplied security patch as soon as possible.

    The vulnerability derives from a potential buffer overflow in sendmail's
    header handling code. In a worst-case scenario, the vulnerability
    provides the ability for an attacker to remotely gain root access to the
    targeted system.

    While there have been no known exploits of this vulnerability to this
    point, we believe that unpatched systems could become exploitable very
    soon. For that reason we are immediately providing software patches for
    the following releases of Sendmail's commercial products. These include:

    Sendmail Switch 3.0.x on Solaris, Linux, and AIX
    Sendmail Switch 2.2.x on Solaris, Linux, AIX, Windows NT/2000 and S390 Linux
    Sendmail Switch 2.1.x on HP-UX
    Sendmail Switch 2.2.xJ on Windows NT/2000
    Sendmail Advanced Message Server 1.2 on Solaris, Linux, AIX, and S390 Linux
    Sendmail Advanced Message Server 1.3 on Windows 2000
    Sendmail for NT Version 3.x

    You may download the patch from the following URL:

    http://www.sendmail.com/support/download/

    We have provided MD5 checksums at the end of this message to assist you
    in validating the integrity of the downloaded patches.

    More information on this vulnerability and the fix in Sendmail's
    commercial products is available by visiting Sendmail's security
    information page at:

    http://www.sendmail.com/security/

    More information on this vulnerability and the fix in Open Source
    sendmail is available from the Sendmail Consortium's Web site at:

    http://www.sendmail.org/

    The original ISS announcement can be found on ISS's Web site at

    http://www.iss.net/

    --------

    Checksums

    Verifying the MD5 Checksum
    After you have downloaded the package, you should check if the MD5
    checksum matches the one provided at the end of this email. Each file
    has an individual checksum that you can verify with the following
    command:

    shell> md5sum <filename>

    Note that not all operating systems support the md5sum command: on
    some it is simply called md5, and others do not ship it at all. On Linux, it
    is part of the GNU Text Utilities package, which is available for a wide
    range of platforms. You can download the source code from
    http://www.gnu.org/software/textutils/ as well. If you have OpenSSL
    installed, you can also use the command openssl md5 <package> instead. A
    DOS/Windows implementation of the md5 command is available from
    http://www.fourmilab.ch/md5/.

    You should check if the resulting checksum matches the one provided in
    this email to the left of the respective filename:

    MD5(Patch2.1.5/CONTENTS)= 954a3723b44f6ad60282bc0ae601366c
    MD5(Patch2.1.5/README)= 8ec2cfffbd4d62afff573c7693a0bf15
    MD5(Patch2.1.5/smswitch-patch-2.1.5-HP-UX.tar.Z)= d10afe2bfde06519bc811faac84b7e9c
    MD5(Patch2.2.5/CONTENTS)= 2a131cf257431d5f4d8458126d22489e
    MD5(Patch2.2.5/README-Windows-225-JP.txt)= 9b03ab8bb0aecc1775b95e0a8d6e1f54
    MD5(Patch2.2.5/README_UNIX)= 9d0437be2ce12f4bce8222f523e07cab
    MD5(Patch2.2.5/README_WINDOWS.txt)= 6789d90f0c4441ca6bbb57338ddabe2d
    MD5(Patch2.2.5/RELEASE_NOTES_UNIX)= 6d21a1d5f4eef9cd2a5587b40879e888
    MD5(Patch2.2.5/RELEASE_NOTES_WINDOWS.txt)= 16850d9256115db65ddba59048249cb7
    MD5(Patch2.2.5/RELEASE_NOTES_Windows-225-JP.txt)= f1afe8cf09998564a0de238dd373185e
    MD5(Patch2.2.5/smswitch-patch-2.2.5-390SuSE.tar.gz)= 08d0932b42a9064b1390ded293c9e191
    MD5(Patch2.2.5/smswitch-patch-2.2.5-AIX.tar.Z)= 8204d6af447bfb1ff20ccdda95a8a4d3
    MD5(Patch2.2.5/smswitch-patch-2.2.5-RedHat.tar.gz)= ac96c8a1bab2e01de3e3d453c116a3db
    MD5(Patch2.2.5/smswitch-patch-2.2.5-Solaris.tar.Z)= 19b84c15a3e2cc91c85c7eb55ca2e0ed
    MD5(Patch2.2.5/smswitch-patch-2.2.5-Solaris8.tar.Z)= 923cbb9752ca89e5744c836987a367dd
    MD5(Patch2.2.5/smswitch-patch-2.2.5-SuSE.tar.gz)= 30e8c197cba5441509f9649af50c651a
    MD5(Patch2.2.5/smswitch-patch-2.2.5-Windows.zip)= ec917fcbf34f6bc2ede4b95e12a97009
    MD5(Patch2.6.2NT/CONTENTS)= 8d8e510f4b95bdb4dff69f73ca5364f2
    MD5(Patch2.6.2NT/README-Windows-262-JP.txt)= 80e70085cbb8936d4d350a0e2897433a
    MD5(Patch2.6.2NT/README-Windows-262.txt)= 3a575453ccdd879eb6ec2b7c28014484
    MD5(Patch2.6.2NT/sendmailNT-patch-2.6.2-Windows.zip)= dce2c335af0e476e9ec5ac06fc1ad184
    MD5(Patch3.0.3/CONTENTS)= d15909ff79f6af37e453a4ee72531014
    MD5(Patch3.0.3/README.txt)= ef4930e2d58a7887757b32867dccaea8
    MD5(Patch3.0.3/RELEASE_NOTES.txt)= a91eafcacd92ea948d53d32eef466cfa
    MD5(Patch3.0.3/smswitch-patch-3.0.3-AIX.tar.Z)= 1e07845f608e897421fa25f4374f7167
    MD5(Patch3.0.3/smswitch-patch-3.0.3-Linux.tar.gz)= eb0c16530ed6cfa1d0190fc906f7b42e
    MD5(Patch3.0.3/smswitch-patch-3.0.3-Solaris.tar.Z)= 2fa4e1c61b1121df871f1d79602ce4dc
    MD5(Patch3.0.3/smswitch-patch-3.0.3-Solaris8.tar.Z)= 26f0817c868b46942eff7c44b66312b2
    MD5(Patch3.0.3NT/CONTENTS)= 2f3e1a5d71048795e71e0be08a138145
    MD5(Patch3.0.3NT/README-PATCH.txt)= 709541150ce09a9295483fbbe186e991
    MD5(Patch3.0.3NT/README-Windows-303-JP.txt)= 5aa26b179a3120dca27754719756470b
    MD5(Patch3.0.3NT/sendmailNT-patch-3.0.3-Windows.zip)= 2652751268529e548872b9e22d759de0

    To unsubscribe, send a message to esquire@sendmail.com with
            unsubscribe alert-current
    as the BODY of the message. The SUBJECT is ignored.

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    Have you discovered a security vulnerability related to Windows or a
    commercial product which runs on Windows?

    Need assistance crafting the format or translating your advisory to English?

    Need to verify it, or having problems contacting the Vendor?

    Contact mailto:Advisories@NTBugtraq.com

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
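The checksum procedure in the forwarded alert, as an added shell example that is not part of the alert, the list message, or Sendmail's products: it takes an OpenSSL-style "MD5(name)= hash" list (re-joining entries whose hash wrapped onto the next line, as several did in the mail), computes each file's digest with whichever of md5sum, openssl md5 or md5 the platform has, and refuses the batch if any file is missing or mismatched. The directory layout, file contents and list entries in the demo are constructed; the only real constant is the RFC 1321 test vector MD5("abc").

```shell
#!/bin/sh
# Added example, not from the Sendmail alert or its products: verify files
# against an OpenSSL-style "MD5(name)= hash" list like the one in the alert.
# Filenames and list contents used in the demo below are constructed.

# MD5 hex digest of one file, using whichever tool the platform provides
# (md5sum on GNU/Linux, openssl md5 where OpenSSL is installed, md5 on BSD).
md5_of_file() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl md5 "$1" | awk '{print $NF}'
    elif command -v md5 >/dev/null 2>&1; then
        md5 -q "$1"
    else
        echo "no MD5 tool found" >&2
        return 2
    fi
}

# Turn the list into "name hash" lines: strip CRs left by mail transport,
# re-join entries whose hash wrapped onto the following line, and drop
# anything that is not a well-formed 32-hex-digit MD5 entry.
normalize_md5_list() {
    tr -d '\r' < "$1" |
    awk '/\)=[[:space:]]*$/ { printf "%s", $0; next } { print }' |
    sed -n 's/^MD5(\([^)]*\))=[[:space:]]*\([0-9a-fA-F]\{32\}\)[[:space:]]*$/\1 \2/p'
}

# verify_md5_list LISTFILE BASEDIR
# Prints one status line per entry; returns 0 only if every listed file
# exists under BASEDIR and matches. (Names containing spaces are not handled.)
verify_md5_list() {
    vl_tmp=$(mktemp) || return 2
    normalize_md5_list "$1" > "$vl_tmp"
    vl_bad=0; vl_missing=0
    while read -r vl_name vl_expected; do
        vl_path="$2/$vl_name"
        if [ ! -f "$vl_path" ]; then
            echo "MISSING $vl_name"
            vl_missing=$((vl_missing + 1))
            continue
        fi
        vl_actual=$(md5_of_file "$vl_path")
        vl_expected=$(printf '%s' "$vl_expected" | tr 'A-F' 'a-f')
        if [ "$vl_actual" = "$vl_expected" ]; then
            echo "OK      $vl_name"
        else
            echo "FAILED  $vl_name (expected $vl_expected, got $vl_actual)"
            vl_bad=$((vl_bad + 1))
        fi
    done < "$vl_tmp"
    rm -f "$vl_tmp"
    echo "$vl_bad mismatched, $vl_missing missing"
    [ "$vl_bad" -eq 0 ] && [ "$vl_missing" -eq 0 ]
}

# Demo on constructed data: one good file, one tampered file (a single byte
# changed), one entry whose hash wrapped to the next line, one missing file.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/Patch"
printf 'abc' > "$demo_dir/Patch/README"          # MD5("abc") = RFC 1321 test vector
printf 'abd' > "$demo_dir/Patch/patch.tar.gz"    # tampered: must be reported as FAILED
cat > "$demo_dir/sums.txt" <<'EOF'
MD5(Patch/README)= 900150983cd24fb0d6963f7d28e17f72
MD5(Patch/patch.tar.gz)=
900150983cd24fb0d6963f7d28e17f72
MD5(Patch/CONTENTS)= d41d8cd98f00b204e9800998ecf8427e
EOF
if verify_md5_list "$demo_dir/sums.txt" "$demo_dir"; then
    echo "all files verified"
else
    echo "do not install: verification failed"
fi
rm -rf "$demo_dir"
```

Two caveats a practitioner would add to the alert's procedure: a checksum that arrives in the same e-mail as the download link detects corruption and swapped files, but it does not authenticate the patch, since anyone who can forge the mail can forge the list; and MD5 is no longer collision-resistant, so where the vendor offers a detached signature it should be checked against a key obtained out of band rather than relying on the digest alone.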

