[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Sendmail bug fix.

Subject: Re: [cobalt-users] Sendmail bug fix.
From: Peter Low <peterlow@xxxxxxxxxxxxxxxxxx>
Date: Tue Mar 4 08:07:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

At 01:57 PM 3/4/03 +0100, you wrote:

For RaQ3
http://ns2.solarspeed.net/downloads/RaQ3-Sendmail-8.9.3C7sol1.pkg

For RaQ4
http://ns2.solarspeed.net/downloads/RaQ4-Sendmail-8.10.2-C1sol1.pkg

For RaQ550
http://ns2.solarspeed.net/downloads/RaQ550-Sendmail-8.11.6-1C4sol1.pkg

RaQXTR
http://ns2.solarspeed.net/downloads/RaQXTR-Sendmail-8.10.2-C1sol1.pkg

Cube3
http://ns2.solarspeed.net/downloads/Qube3-Sendmail-8.10.2-C2sol1.pkg
This PKGs fix a "Remote Header Processing Vulnerability" in Sendmail.Attackers may remotely exploit this vulnerability to gain "root" orsuperuser control of any vulnerable Sendmail server. The full details ofthis vulnerability are outlined in ISS X-Force's Advisory.
The PKGs above were built with a patch that the Sendmail consortiumreleased to address this issue.
The Qube3, RaQ4, XTR and the RaQ550 PKG are fully uninstallable. The RaQ3package cannot be uninstalled.
Reboot Required: No
Sends registration email: No

Any patch available for a Qube2? Anyone have any information onpatching/upgrading a Qube2?


Peter

Follow-Ups:
- Re: [cobalt-users] Sendmail bug fix.
  - From: Jay Summers

References:
- [cobalt-users] Sendmail bug fix.
  - From: Mikkel Blankholm Nielsen
- Re: [cobalt-users] Sendmail bug fix.
  - From: René Mølsted

Prev by Date: RE: [cobalt-users] DNS Zone Transfers being permitted - why?
Next by Date: RE: [cobalt-users] Bug-Travel 0wnS y0u ::: Irc.Brasnet.Org #BugTravel
Previous by thread: [cobalt-users] Re: Re:Sendmail Header Vulnerability RAQ3
Next by thread: Re: [cobalt-users] Sendmail bug fix.

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index