-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-023 ================================= Topic: sendmail smrsh bypass vulnerability Version: NetBSD-current: source prior to October 4, 2002 NetBSD 1.6: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected NetBSD-1.5.1: affected NetBSD-1.5: affected pkgsrc: prior to/including sendmail-8.12.6 Severity: bypassing local access control Fixed: NetBSD-current: October 4, 2002 NetBSD-1.6 branch: October 4, 2002 (1.6.1 will include the fix) NetBSD-1.5 branch: October 4, 2002 pkgsrc: sendmail-8.12.6nb1 or later Abstract ======== If smrsh (sendmail restricted shell) is in use with sendmail, local user can bypass access restrictions imposed by smrsh. Technical Details ================= http://www.sendmail.org/smrsh.adv.txt Solutions and Workarounds ========================= If your system uses smrsh, your system is vulnerable. If you see lines matching "smrsh" in /etc/mail/sendmail.cf, you are using smrsh. % grep smrsh /etc/mail/sendmail.cf Even if you are not using smrsh, we encourage you to upgrade smrsh binary. The following instructions describe how to upgrade your smrsh binaries by updating your source tree and rebuilding and installing a new version of smrsh. * NetBSD-current: Systems running NetBSD-current dated from before 2002-10-04 should be upgraded to NetBSD-current dated 2002-10-04 or later. The following directories need to be updated from the netbsd-current CVS branch (aka HEAD): gnu/dist/sendmail/smrsh To update from CVS, re-build, and re-install smrsh: # cd src # cvs update -d -P gnu/dist/sendmail/smrsh # cd gnu/usr.sbin/sendmail/smrsh # make cleandir dependall # make install * NetBSD 1.6: Systems running NetBSD 1.6 dated from before 2002-10-04 should be upgraded to NetBSD 1.6 dated 2002-10-04 or later. The following directories need to be updated from the netbsd-1-6 CVS branch: gnu/dist/sendmail/smrsh To update from CVS, re-build, and re-install smrsh: # cd src # cvs update -d -P gnu/dist/sendmail/smrsh # cd gnu/usr.sbin/sendmail/smrsh # make cleandir dependall # make install * NetBSD 1.5, 1.5.1, 1.5.2, 1.5.3: Systems running NetBSD 1.5 dated from before 2002-10-04 should be upgraded to NetBSD 1.5 dated 2002-10-04 or later. The following directories need to be updated from the netbsd-1-5 CVS branch: gnu/dist/sendmail/smrsh To update from CVS, re-build, and re-install smrsh: # cd src # cvs update -d -P gnu/dist/sendmail/smrsh # cd gnu/usr.sbin/sendmail/smrsh # make cleandir dependall # make install Thanks To ========= Jeremy C. Reed for bringing the issue into attention via PR#18516. Revision History ================ 2002-10-08 Initial release More Information ================ Advisories may be updated as new information comes to hand. The most recent version of this advisory (PGP signed) can be found at ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc Information about NetBSD and NetBSD security can be found at http://www.NetBSD.ORG/ and http://www.NetBSD.ORG/Security/. Copyright 2002, The NetBSD Foundation, Inc. All Rights Reserved. $NetBSD: NetBSD-SA2002-023.txt,v 1.4 2002/10/08 03:43:36 itojun Exp $ -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBPaJUfT5Ru2/4N2IFAQEHtwQAwTTwQ8N2w4MvGDhi24xalrYhY9Q4Z113 Q/y6cM3+JEufzlEJPpMnWyWHHBYMn7utmvn9kie724IFDBOEKYXCcYFYWWZN54mD mnXNa3g10ZOpMR2iA5P3wTFGCZPOaeJkVZAI0UwZ95OIXCkPtZ6TVqs0ioUf4hyQ lYc69Hwpg+Q= =+/Rb -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Tue Oct 08 2002 - 08:07:09 PDT