93670 2003-03-11 19:17 /192 rader/ <security@sco.com> Importerad: 2003-03-11 19:17 av Brevbäraren Extern mottagare: bugtraq@securityfocus.com Extern mottagare: announce@lists.caldera.com Extern mottagare: security-alerts@linuxsecurity.com Externa svar till: please_reply_to_security@sco.com Mottagare: Bugtraq (import) <3916> Ärende: Security Update: [CSSA-2003-010.0] Linux: remote buffer overflow in sendmail (CERT CA-2003-07) ------------------------------------------------------------ To: bugtraq@securityfocus.com announce@lists.caldera.com security-alerts@linuxsecurity.com ______________________________________________________________________________ SCO Security Advisory Subject: Linux: remote buffer overflow in sendmail (CERT CA-2003-07) Advisory number: CSSA-2003-010.0 Issue date: 2003 March 10 Cross reference: ______________________________________________________________________________ 1. Problem Description From CA-2003-07: Researchers at Internet Security Systems (ISS) have discovered a remotely exploitable vulnerability in sendmail. This vulnerability could allow an intruder to gain control of a vulnerable sendmail server. 2. Vulnerable Supported Versions System Package ---------------------------------------------------------------------- OpenLinux 3.1.1 Server prior to sendmail-8.11.6-13.i386.rpm prior to sendmail-cf-8.11.6-13.i386.rpm prior to sendmail-doc-8.11.6-13.i386.rpm OpenLinux 3.1.1 Workstation prior to sendmail-8.11.6-13.i386.rpm prior to sendmail-cf-8.11.6-13.i386.rpm prior to sendmail-doc-8.11.6-13.i386.rpm OpenLinux 3.1 Server prior to sendmail-8.11.6-13.i386.rpm prior to sendmail-cf-8.11.6-13.i386.rpm prior to sendmail-doc-8.11.6-13.i386.rpm OpenLinux 3.1 Workstation prior to sendmail-8.11.6-13.i386.rpm prior to sendmail-cf-8.11.6-13.i386.rpm prior to sendmail-doc-8.11.6-13.i386.rpm 3. Solution The proper solution is to install the latest packages. Many customers find it easier to use the Caldera System Updater, called cupdate (or kcupdate under the KDE environment), to update these packages rather than downloading and installing them by hand. 4. OpenLinux 3.1.1 Server 4.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-010.0/RPMS 4.2 Packages 3750ebb1d4260068deab033eabfa605c sendmail-8.11.6-13.i386.rpm cab29f331a22f7c0c44769efe80b746e sendmail-cf-8.11.6-13.i386.rpm 41a25ff8da9ad6148cab4fd5a66b2c24 sendmail-doc-8.11.6-13.i386.rpm 4.3 Installation rpm -Fvh sendmail-8.11.6-13.i386.rpm rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm 4.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-010.0/SRPMS 4.5 Source Packages 7acdf8b847351d0c571c2c0ed7c68dc6 sendmail-8.11.6-13.src.rpm 5. OpenLinux 3.1.1 Workstation 5.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-010.0/RPMS 5.2 Packages ebca70ce6348b3d90de88c24a4443a44 sendmail-8.11.6-13.i386.rpm ef0a8add4b49243cf2d79c5d7a86fe6c sendmail-cf-8.11.6-13.i386.rpm 65f790cf1ff8bac1d41b9c4767c27362 sendmail-doc-8.11.6-13.i386.rpm 5.3 Installation rpm -Fvh sendmail-8.11.6-13.i386.rpm rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm 5.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-010.0/SRPMS 5.5 Source Packages f4356e522f3d50cc8253330869e61669 sendmail-8.11.6-13.src.rpm 6. OpenLinux 3.1 Server 6.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-010.0/RPMS 6.2 Packages b721b1c52f7e4b18cd65151bd4e1fede sendmail-8.11.6-13.i386.rpm ed725ab29d8773240447e779d4dcca88 sendmail-cf-8.11.6-13.i386.rpm d29d3b797cac1f276098c179279e4dd4 sendmail-doc-8.11.6-13.i386.rpm 6.3 Installation rpm -Fvh sendmail-8.11.6-13.i386.rpm rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm 6.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-010.0/SRPMS 6.5 Source Packages f4e7d5bca2b4edaeadd47eb48a430ce7 sendmail-8.11.6-13.src.rpm 7. OpenLinux 3.1 Workstation 7.1 Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-010.0/RPMS 7.2 Packages b40facf59df6beac8d683bf5319b1efe sendmail-8.11.6-13.i386.rpm 37dff1130c50606b7cc27dce20a73f21 sendmail-cf-8.11.6-13.i386.rpm fa7baa4aef7cdaf5bcf4367862b3a8e8 sendmail-doc-8.11.6-13.i386.rpm 7.3 Installation rpm -Fvh sendmail-8.11.6-13.i386.rpm rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm 7.4 Source Package Location ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-010.0/SRPMS 7.5 Source Packages 6c7b998f60959f34b34f213b9f5cc0bd sendmail-8.11.6-13.src.rpm 8. References Specific references for this advisory: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1337 http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 http://www.cert.org/advisories/CA-2003-07.html http://www.kb.cert.org/vuls/id/398025 http://www.sendmail.org/8.12.8.html SCO security resources: http://www.sco.com/support/security/index.html This security fix closes SCO incidents sr875285, fz527485, erg712249. 9. Disclaimer SCO is not responsible for the misuse of any of the information we provide on this website and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of SCO products. 10. Acknowledgements Internet Security Systems, Inc. discovered and researched these vulnerabilities. ______________________________________________________________________________ (93670) / <security@sco.com>/-------------(Ombruten) Bilaga (application/pgp-signature) i text 93671 93671 2003-03-11 19:17 /9 rader/ <security@sco.com> Importerad: 2003-03-11 19:17 av Brevbäraren Extern mottagare: bugtraq@securityfocus.com Extern mottagare: announce@lists.caldera.com Extern mottagare: security-alerts@linuxsecurity.com Externa svar till: please_reply_to_security@sco.com Mottagare: Bugtraq (import) <3917> Bilaga (text/plain) till text 93670 Ärende: Bilaga till: Security Update: [CSSA-2003-010.0] Linux: remote buffer overflow in sendmail (CERT CA-2003-07) ------------------------------------------------------------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (SCO_SV) Comment: For info see http://www.gnupg.org iEYEARECAAYFAj5s2PQACgkQbluZssSXDTEhwACgpLjt2JD0I+EfffA3EINSugOu HfMAn0l+R453ZHCE8zEp3k2QugbUvYXQ =g+mQ -----END PGP SIGNATURE----- (93671) / <security@sco.com>/-----------------------