does CERT sendmail adv. affect Linux sendmail users?

does CERT sendmail adv. affect Linux sendmail users?

Post by Daniel L. Gou » Fri, 24 Feb 1995 08:45:18



Just as the subject says, some Linux boxes i use have sendmail and
identd, and it seems every system but Linux was on the list (sendmail
itself was, so that is why I am guessing we are affected).  Should I get
security updates immediately?

--
Dan Gould psychosysadmin of goober!  http://www.mbhs.edu/~dgould/

Duct tape is like the force, it has a dark side, a light side, and it
holds the universe together.   -Carl Zwanig

 
 
 

does CERT sendmail adv. affect Linux sendmail users?

Post by John Kenne » Fri, 24 Feb 1995 15:48:21



>  Just as the subject says, some Linux boxes i use have sendmail and
>  identd, and it seems every system but Linux was on the list (sendmail
>  itself was, so that is why I am guessing we are affected).  Should I get
>  security updates immediately?

  Yes, you should upgrade.  Linux is IDENT friendly, and there are always
the local attacks.  It was sendmail using the IDENT protocol, not linux's
identd, that was causing that problem.  If you're using a recent version
of V8 sendmail you could turn IDENT off and stall for a while, as long as
people couldn't log in locally to attack you.

 
 
 

1. "sendmail -?" segfaults with sendmail 8.7.5/linux-2.0.6

I am getting segmentation faults with sendmail-8.7.5 when I give it an invalid
command line.  It does appear to work in the normal case, but I am not sure
I want to trust it as an internet gateway to an office yet.  I've tried
both the binary from sunsite and compiling my own with the same result.
Is sendmail broken or do I have something wrong with my shared libs (using
libc-5.4.2)?

Les Mikesell

2. Linux graphics projects - questions about interrelationships

3. CERT Sendmail advisory of 11/4

4. RPC client connection to an IP address

5. recompiled kernel affects sendmail?

6. Please Clarify the differences.

7. HELP: sendmail times out: affects emacs and netscape

8. FreeBSD 4.7 hardware issues and questions.

9. CERT Sendmail advisory - Implementation problem

10. CERT Advisory CA-2002-28 Trojan Horse Sendmail Distribution

11. CERT Advisory - Sendmail Vulnerability

12. Some serious questions for CERT (was Sendmail Vulnerability...)

13. Sendmail help - alias works for install-created users, does not for new users.