Security Update: [CSSA-2003-010.0] Linux: remote buffer overflow in sendmail (CERT CA-2003-07)

From: securityat_private
Date: Mon Mar 10 2003 - 10:27:00 PST

  • Next message: Frog Man: "PHP-Nuke 6.0 & 6.5RC2 SQL Injection Again" 

    To: bugtraqat_private announceat_private security-alertsat_private

______________________________________________________________________________

			SCO Security Advisory

Subject:		Linux: remote buffer overflow in sendmail (CERT CA-2003-07)
Advisory number: 	CSSA-2003-010.0
Issue date: 		2003 March 10
Cross reference:
______________________________________________________________________________


1. Problem Description

	From CA-2003-07: Researchers at Internet Security Systems
	(ISS) have discovered a remotely exploitable vulnerability in
	sendmail. This vulnerability could allow an intruder to gain
	control of a vulnerable sendmail server.


2. Vulnerable Supported Versions

	System				Package
	----------------------------------------------------------------------

	OpenLinux 3.1.1 Server		prior to sendmail-8.11.6-13.i386.rpm
					prior to sendmail-cf-8.11.6-13.i386.rpm
					prior to sendmail-doc-8.11.6-13.i386.rpm

	OpenLinux 3.1.1 Workstation	prior to sendmail-8.11.6-13.i386.rpm
					prior to sendmail-cf-8.11.6-13.i386.rpm
					prior to sendmail-doc-8.11.6-13.i386.rpm

	OpenLinux 3.1 Server		prior to sendmail-8.11.6-13.i386.rpm
					prior to sendmail-cf-8.11.6-13.i386.rpm
					prior to sendmail-doc-8.11.6-13.i386.rpm

	OpenLinux 3.1 Workstation	prior to sendmail-8.11.6-13.i386.rpm
					prior to sendmail-cf-8.11.6-13.i386.rpm
					prior to sendmail-doc-8.11.6-13.i386.rpm


3. Solution

	The proper solution is to install the latest packages. Many
	customers find it easier to use the Caldera System Updater, called
	cupdate (or kcupdate under the KDE environment), to update these
	packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

	4.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-010.0/RPMS

	4.2 Packages

	3750ebb1d4260068deab033eabfa605c	sendmail-8.11.6-13.i386.rpm
	cab29f331a22f7c0c44769efe80b746e	sendmail-cf-8.11.6-13.i386.rpm
	41a25ff8da9ad6148cab4fd5a66b2c24	sendmail-doc-8.11.6-13.i386.rpm

	4.3 Installation

	rpm -Fvh sendmail-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm

	4.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-010.0/SRPMS

	4.5 Source Packages

	7acdf8b847351d0c571c2c0ed7c68dc6	sendmail-8.11.6-13.src.rpm


5. OpenLinux 3.1.1 Workstation

	5.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-010.0/RPMS

	5.2 Packages

	ebca70ce6348b3d90de88c24a4443a44	sendmail-8.11.6-13.i386.rpm
	ef0a8add4b49243cf2d79c5d7a86fe6c	sendmail-cf-8.11.6-13.i386.rpm
	65f790cf1ff8bac1d41b9c4767c27362	sendmail-doc-8.11.6-13.i386.rpm

	5.3 Installation

	rpm -Fvh sendmail-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm

	5.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Workstation/CSSA-2003-010.0/SRPMS

	5.5 Source Packages

	f4356e522f3d50cc8253330869e61669	sendmail-8.11.6-13.src.rpm


6. OpenLinux 3.1 Server

	6.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-010.0/RPMS

	6.2 Packages

	b721b1c52f7e4b18cd65151bd4e1fede	sendmail-8.11.6-13.i386.rpm
	ed725ab29d8773240447e779d4dcca88	sendmail-cf-8.11.6-13.i386.rpm
	d29d3b797cac1f276098c179279e4dd4	sendmail-doc-8.11.6-13.i386.rpm

	6.3 Installation

	rpm -Fvh sendmail-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm

	6.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-010.0/SRPMS

	6.5 Source Packages

	f4e7d5bca2b4edaeadd47eb48a430ce7	sendmail-8.11.6-13.src.rpm


7. OpenLinux 3.1 Workstation

	7.1 Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-010.0/RPMS

	7.2 Packages

	b40facf59df6beac8d683bf5319b1efe	sendmail-8.11.6-13.i386.rpm
	37dff1130c50606b7cc27dce20a73f21	sendmail-cf-8.11.6-13.i386.rpm
	fa7baa4aef7cdaf5bcf4367862b3a8e8	sendmail-doc-8.11.6-13.i386.rpm

	7.3 Installation

	rpm -Fvh sendmail-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-cf-8.11.6-13.i386.rpm
	rpm -Fvh sendmail-doc-8.11.6-13.i386.rpm

	7.4 Source Package Location

	ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Workstation/CSSA-2003-010.0/SRPMS

	7.5 Source Packages

	6c7b998f60959f34b34f213b9f5cc0bd	sendmail-8.11.6-13.src.rpm


8. References

	Specific references for this advisory:

		http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1337
		http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
		http://www.cert.org/advisories/CA-2003-07.html
		http://www.kb.cert.org/vuls/id/398025
		http://www.sendmail.org/8.12.8.html

	SCO security resources:

		http://www.sco.com/support/security/index.html

	This security fix closes SCO incidents sr875285, fz527485,
	erg712249.


9. Disclaimer

	SCO is not responsible for the misuse of any of the information
	we provide on this website and/or through our security
	advisories. Our advisories are a service to our customers intended
	to promote secure installation and use of SCO products.


10. Acknowledgements

	Internet Security Systems, Inc. discovered and researched
	these vulnerabilities.

______________________________________________________________________________

    This archive was generated by hypermail 2b30 : Tue Mar 11 2003 - 10:17:18 PST