[8lgm]-Advisory-17.UNIX.sendmailV5-2-May-1995
[8LGM] Security Team (8lgm@bagpuss.demon.co.uk)
Thu, 18 May 1995 04:06:51 +0100
This advisory has been sent to:
comp.security.unix
CERT/CC <cert@cert.org>
===========================================================================
[8lgm]-Advisory-17.UNIX.sendmailV5-2-May-1995
PROGRAM:
sendmail(8) (Version 5.*)
KNOWN VULNERABLE VERSIONS:
SunOS 4.1.* up to and including patch 100377-19
Sendmail V5.*
IDA Sendmail V5.*
(Likely that any sendmail based on V5 is also vulnerable).
DESCRIPTION:
A flaw exists in versions of sendmail based on V5, which allows
users to run programs and/or append to files remotely.
The user does not require an account on that system.
IMPACT:
Systems running V5 based sendmail are exploitable remotely.
REPEAT BY:
At this time, exploit details are not available. Exploit
details will be provided on the 8lgm fileserver, at some
point in the future.
DISCUSSION:
Details have been provided to ecd@cert.org, in order to speed
up availability of exploit information to vulnerable vendors.
WORKAROUND & FIX:
1) Install V8 sendmail.
2) Obtain patch from vendor.
FEEDBACK AND CONTACT INFORMATION:
majordomo@8lgm.org (Mailing list requests - try 'help' for details)
8lgm@8lgm.org (Everything else)
8LGM FILESERVER:
All [8LGM] advisories may be obtained via the [8LGM] fileserver.
For details, 'echo help | mail 8lgm-fileserver@8lgm.org'
===========================================================================