Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Slackware: sendmail buffer overflow

Slackware: sendmail buffer overflow

by Nikola Strahija on April 2nd, 2003 Buffer overflow vulnerability has been found in all versions of Sendmail earlier than 8.12.9, which may allow remote attackers to gain root privileges.


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] Sendmail buffer overflow fixed (NEW)

The sendmail packages in Slackware 8.0, 8.1, and 9.0 have been patched
to fix a security problem. Note that this vulnerablity is NOT the same
one that was announced on March 3rd and requires a new fix.

All sites running sendmail should upgrade.

More information on the problem can be found here:

http://www.sendmail.org/8.12.9.html

Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Sat Mar 29 13:46:36 PST 2003
patches/packages/sendmail-8.12.9-i386-1.tgz: Upgraded to sendmail-8.12.9.
From sendmail's RELEASE_NOTES:
8.12.9/8.12.9 2003/03/29
SECURITY: Fix a buffer overflow in address parsing due to
a char to int conversion problem which is potentially
remotely exploitable. Problem found by Michal Zalewski.
Note: an MTA that is not patched might be vulnerable to
data that it receives from untrusted sources, which
includes DNS.
(* Security fix *)
patches/packages/sendmail-cf-8.12.9-noarch-1.tgz: Updated config files for
sendmail-8.12.9.
+--------------------------+



WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+

Updated packages for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/sendmail.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/smailcfg.tgz

Updated packages for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sendmail-8.12.9-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/sendmail-cf-8.12.9-noarch-1.tgz

Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sendmail-8.12.9-i386-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/sendmail-cf-8.12.9-noarch-1.tgz



MD5 SIGNATURES:
+-------------+

Here are the md5sums for the packages:

Slackware 8.0 packages:
c29c3063313534bee8db13c5afcd1abc sendmail.tgz
1b3be9b45f0d078e1053b80069538ca7 smailcfg.tgz

Slackware 8.1 packages:
b1b538ae7685ce8a09514b51f8802614 sendmail-8.12.9-i386-1.tgz
628b61a20f4529b514060620e5e601e7 sendmail-cf-8.12.9-noarch-1.tgz

Slackware 9.0 packages:
5f4f92f933961b6e652d294cd76da426 sendmail-8.12.9-i386-1.tgz
45b217e09d5ff2d0e1b7b12a389c86ec sendmail-cf-8.12.9-noarch-1.tgz



INSTALLATION INSTRUCTIONS:
+------------------------+

First (as root), stop sendmail:

.. /etc/rc.d/rc.sendmail stop

Next, upgrade the sendmail package(s) with upgradepkg:

upgradepkg sendmail-*.tgz

Finally, restart sendmail:

.. /etc/rc.d/rc.sendmail start



+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
[email protected]

+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to [email protected] with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+hi4iakRjwEAQIjMRAlYYAJ0SkisbelIwisnAjLcmCBaQC728LACgiu/Q
ftW/49T80bCUapwtL/VzTd4=
=yPYH
-----END PGP SIGNATURE-----


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »