Slackware Security Advisory: Sendmail Critical Remote Exploit Risk
slackware
March 4, 2003
A remote vulnerability exists that can result in commands can be executed with administrative privileges.
Summary
Here are the details from the Slackware 8.1 ChangeLog: Mon Mar 3 10:29:01 PST 2003 patches/packages/sendmail-8.12.8-i386-1.tgz: Upgraded to sendmail-8.12.8. From sendmail's RELNOTES: SECURITY: Fix a remote buffer overflow in header parsing by dropping sender and recipient header comments if the comments are too long. Problem noted by Mark Dowd of ISS X-Force. (* Security fix *) patches/packages/sendmail-cf-8.12.8-noarch-1.tgz: Updated config files for sendmail-8.12.8. WHERE TO FIND THE NEW PACKAGES: Updated packages for Slackware 8.1: Updated packages for Slackware -current: MD5 SIGNATURES: Here are the md5sums for the packages: Slackware 8.1 packages: c2c72b982d91d9ca0f59ab2afdf337f2 sendmail-8.12.8-i386-1.tgz 0b8e338169dca7487dd042ba070120d1 sendmail-cf-8.12.8-noarch-1.tgz Slackware -current packages: a9db559cd852164577f26efff1e9b36d sendmail-8.12.8-i386-1.tgz 0141c1f40e1efd148f9ccd1d5a09e7f0
Read the Full Advisory
Where Find New Packages
MD5 Signatures
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!