Kritikus sebezhetőséget fedeztek fel a szakemberek a sendmail MTA-ban, amelyet a támadók távolról kihasználva akár root accounthoz is juthathatnak. A hibáról bővebben az ISS hibajegyében olvashatsz. Az OpenBSD csapat reagált a hibára, és az OpenBSD-currentben frissítették a a sendmailt a 8.12.8-es verzióra. Az OpenBSD 3.1 és 3.2-stable rendszerekben patchelni kell a sendmailt.
Email bejelentés:To: security-announce@openbsd.org
Subject: remote buffer overflow in sendmail
From: "Todd C. Miller"
Date: Mon, 03 Mar 2003 10:49:33 -0700
--------------------------------------------------------------------------------
A buffer overflow has been found in sendmail's envelope comment processing code which may allow an attacker to gain root privileges. The bug was discovered by Mark Dowd of ISS X-Force.
For more information, see:
http://www.iss.net/issEn/delivery/x...l.jsp?oid=21950
http://www.sendmail.org/8.12.8.html
As shipped, OpenBSD runs a sendmail that binds only to localhost, making this a localhost-only hole in the default configuration. However, any sendmail configuration that accepts incoming mail may
potentially be exploited.
The sendmail in OpenBSD-current has been updated to version 8.12.8. The 3.1 and 3.2 -stable branches have had a patch applied that fixes the buffer overflow. However, because the -stable branches have the specific vulnerability patched (as opposed to the full 8.12.8 distribution), sendmail on -stable will report the old sendmail version.
Patch for OpenBSD 3.1:
ftp://ftp.openbsd.org/pub/OpenBSD/p..._sendmail.patch
Patch for OpenBSD 3.2:
ftp://ftp.openbsd.org/pub/OpenBSD/p..._sendmail.patch
Patches for older versions of sendmail may be found at
ftp://ftp.sendmail.org/pub/sendmail/