Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Scientific Linux SL4.x Security Advisory: Low Sendmail Spoofing Risk

Calendar May 14, 2007 User Avatar LinuxSecurity Advisories
1 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory security update bug fix sendmail email spoofing Scientific Linux
Low: sendmail security and bug fix update 
Date: Mon, 14 May 2007 15:52:50 -0500
Reply-To: Connie Sieh 
Sender: Security Errata for Scientific Linux
 
From: Connie Sieh 
Subject: Security ERRATA for sendmail on SL4.x i386/x86_64
Comments: To: scientific 

Synopsis: Low: sendmail security and bug fix update
Issue date: 2007-05-01
CVE Names: CVE-2006-7176

The configuration of Sendmail was found to not reject the
"localhost.localdomain" domain name for e-mail messages that
came from external hosts. This could have allowed remote attackers to
disguise spoofed messages (CVE-2006-7176).

SRPMS:
 	sendmail-8.13.1-3.2.el4.src.rpm

i386:
 	sendmail-8.13.1-3.2.el4.i386.rpm
 	sendmail-cf-8.13.1-3.2.el4.i386.rpm
 	sendmail-devel-8.13.1-3.2.el4.i386.rpm
 	sendmail-doc-8.13.1-3.2.el4.i386.rpm

x86_64:
 	sendmail-8.13.1-3.2.el4.x86_64.rpm
 	sendmail-cf-8.13.1-3.2.el4.x86_64.rpm
 	sendmail-devel-8.13.1-3.2.el4.x86_64.rpm
 	sendmail-doc-8.13.1-3.2.el4.x86_64.rpm

-Connie Sieh
-Troy Dawson
Your message here