[Dshield] critical sendmail problem.

Johannes Ullrich jullrich at euclidian.com
Mon Mar 3 17:20:30 GMT 2003



> Internet Security Systems Security Advisory
> March 3, 2002
> 
> Remote Sendmail Header Processing Vulnerability
> 
> Synopsis:
> 
> ISS X-Force has discovered a buffer overflow vulnerability in the
> Sendmail
> Mail Transfer Agent (MTA). Sendmail is the most common MTA and has
> been
> documented to handle between 50% and 75% of all Internet email
> traffic.
> 
> Impact:
> 
> Attackers may remotely exploit this vulnerability to gain "root" or
> superuser
> control of any vulnerable Sendmail server. Sendmail and all other
> email
> servers are typically exposed to the Internet in order to send and
> receive
> Internet email. Vulnerable Sendmail servers will not be protected by
> legacy
> security devices such as firewalls and/or packet filters. This
> vulnerability
> is especially dangerous because the exploit can be delivered within an
> email
> message and the attacker doesn't need any specific knowledge of the
> target to
> launch a successful attack. 
> 
> Affected Versions:
> 
> Sendmail versions from 5.79 to 8.12.7 are vulnerable
> 
> Note: The affected versions of Sendmail commercial, Sendmail open
> source
> running on all platforms are known to be vulnerable.
> 
> For the complete ISS X-Force Security Advisory, please visit: 
> <http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950>
> ______
> 
> About Internet Security Systems (ISS)
> Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
> pioneer and world leader in software and services that protect
> critical
> online resources from an ever-changing spectrum of threats and misuse.
> Internet Security Systems is headquartered in Atlanta, GA, with
> additional operations throughout the Americas, Asia, Australia, Europe
> and the Middle East.
> 
> Copyright (c) 2003 Internet Security Systems, Inc. All rights reserved
> worldwide.
> 
> Permission is hereby granted for the electronic redistribution of this
> document. It is not to be edited or altered in any way without the
> express written consent of the Internet Security Systems X-Force. If
> you wish to reprint the whole or any part of this document in any
> other
> medium excluding electronic media, please email xforce at iss.net for
> permission. 
> 
> Disclaimer: The information within this paper may change without
> notice.
> Use of this information constitutes acceptance for use in an AS IS
> condition. There are NO warranties, implied or otherwise, with regard
> to
> this information or its use. Any use of this information is at the
> user's risk. In no event shall the author/distributor (Internet
> Security
> Systems X-Force) be held liable for any damages whatsoever arising out
> of or in connection with the use or spread of this information.
> X-Force PGP Key available on MIT's PGP key server and PGP.com's key
> server,
> as well as at <http://www.iss.net/security_center/sensitive.php>
> Please send suggestions, updates, and comments to: X-Force
> xforce at iss.net of Internet Security Systems, Inc.
> 




More information about the list mailing list