OpenBSD patch a távoli puffer túlcsorulási sendmail hibára

 ( trey | 2003. március 4., kedd - 9:42 )

Kritikus sebezhetőséget fedeztek fel a szakemberek a sendmail MTA-ban, amelyet a támadók távolról kihasználva akár root accounthoz is juthathatnak. A hibáról bővebben az ISS hibajegyében olvashatsz. Az OpenBSD csapat reagált a hibára, és az OpenBSD-currentben frissítették a a sendmailt a 8.12.8-es verzióra. Az OpenBSD 3.1 és 3.2-stable rendszerekben patchelni kell a sendmailt.

Email bejelentés:To: security-announce@openbsd.org
Subject: remote buffer overflow in sendmail
From: "Todd C. Miller"
Date: Mon, 03 Mar 2003 10:49:33 -0700

--------------------------------------------------------------------------------

A buffer overflow has been found in sendmail's envelope comment processing code which may allow an attacker to gain root privileges. The bug was discovered by Mark Dowd of ISS X-Force.

For more information, see:
http://www.iss.net/issEn/delivery/x...l.jsp?oid=21950
http://www.sendmail.org/8.12.8.html

As shipped, OpenBSD runs a sendmail that binds only to localhost, making this a localhost-only hole in the default configuration. However, any sendmail configuration that accepts incoming mail may
potentially be exploited.

The sendmail in OpenBSD-current has been updated to version 8.12.8. The 3.1 and 3.2 -stable branches have had a patch applied that fixes the buffer overflow. However, because the -stable branches have the specific vulnerability patched (as opposed to the full 8.12.8 distribution), sendmail on -stable will report the old sendmail version.

Patch for OpenBSD 3.1:
ftp://ftp.openbsd.org/pub/OpenBSD/p..._sendmail.patch

Patch for OpenBSD 3.2:
ftp://ftp.openbsd.org/pub/OpenBSD/p..._sendmail.patch

Patches for older versions of sendmail may be found at

ftp://ftp.sendmail.org/pub/sendmail/