[unisog] SENDMAIL SECURITY ALERT
ruprech at jilau1.Colorado.EDU
Mon Mar 3 21:18:36 GMT 2003
From the CERT advisory at http://www.cert.org/advisories/CA-2003-07.html:
"A successful attack against an unpatched sendmail system will not
leave any messages in the system log. However, on a patched system, an
attempt to exploit this vulnerability will leave the following log
Dropped invalid comments from header address
Although this does not represent conclusive evidence of an attack, it
may be useful as an indicator.
A patched sendmail server will drop invalid headers, thus preventing
downstream servers from receiving them."
So it looks like if the message passes through an 8.12.8 server, it should
JILA / University of Colorado
On Tue, 4 Mar 2003, Mark Borrie wrote:
> Does anyone know if sendmail 8.12.8 etc fixes the offending
> headers or passes them onto other servers unaltered. This is
> important in deciding how quickly we attend to upgrading sendmail
> inside the campus.
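
Added example (not part of the original message or the CERT advisory): a Python sketch that scans a sendmail syslog for the indicator quoted above and pairs each hit with the relay logged under the same queue ID, so a patched server's log shows where the dropped header came from. The syslog line layout, the function name and the sample lines are assumptions constructed for illustration.

```python
import re

# Indicator text quoted from the CERT advisory in the message above.
INDICATOR = "Dropped invalid comments from header address"

# Assumed syslog layout: "Mon DD HH:MM:SS host sendmail[pid]: QUEUEID: text"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
    r"sendmail\[\d+\]:\s(?P<qid>\w+):\s(?P<text>.*)$"
)
RELAY_RE = re.compile(r"\brelay=(?P<relay>[^,]+)")

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = """\
Mar  3 14:02:11 mx1 sendmail[4211]: h23L2BqA004211: from=<a@example.org>, size=1820, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=mail.example.org [192.0.2.10]
Mar  3 14:05:40 mx1 sendmail[4302]: h23L5eqA004302: Dropped invalid comments from header address
Mar  3 14:05:40 mx1 sendmail[4302]: h23L5eqA004302: from=<b@example.net>, size=9120, class=0, nrcpts=1, proto=ESMTP, daemon=MTA, relay=unknown.example.net [198.51.100.7]
Mar  3 14:06:02 mx1 sshd[4310]: Accepted publickey for admin from 192.0.2.50
Mar  3 14:09:13 mx1 sendmail[4377]: h23L9DqA004377: Dropped invalid comments from header address
"""


def find_dropped_headers(log_text):
    """Return one record per queue ID that logged the indicator."""
    hits = {}    # queue ID -> (timestamp, host) of the first indicator line
    relays = {}  # queue ID -> relay taken from that message's from= line
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a sendmail line, or an unexpected layout
        qid, text = m["qid"], m["text"]
        if INDICATOR in text:
            hits.setdefault(qid, (m["ts"], m["host"]))
        relay = RELAY_RE.search(text)
        if relay and text.startswith("from="):
            relays[qid] = relay["relay"].strip()
    # relay is None when the from= line for that queue ID is not in the log
    return [
        {"time": ts, "host": host, "queue_id": qid, "relay": relays.get(qid)}
        for qid, (ts, host) in hits.items()
    ]


if __name__ == "__main__":
    for record in find_dropped_headers(SAMPLE_LOG):
        print(record)
```

As the advisory text says, a hit is an indicator rather than conclusive evidence of an attack, and an unpatched server logs nothing.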