|
|
Lucius Annaeus Seneca (2 BC-65AD) Roman philospher.
- DNS Map Vulnerability in Sendmail 8.12.x -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, August 27, 2003 - A new vulnerability has been detected that affects
Sendmail 8.12.x prior to 8.12.9. By exploiting this flaw, an attacker cause
a Denial of service (DoS) and run remote arbitrary code on the affected
computer.
Sendmail is the most commonly used MTA (Mail Transfer Agent) in mail
servers. This new vulnerability can occur when DNS maps are used. This
function was first implemented in Sendmail version 8.12, so this flaw does
not affect previous versions.
In order to carry out an attack, a DNS server must send an specially-crafted
reply to an affected system. This could crash the service and an attacker
could take advantage of this situation to run arbitrary code. Although
Sendmail Consortium has no reports that the vulnerability has been exploited
in order to run code, it is advisable to immediately update affected
systems.
Sendmail Consortium recommends updating to version 8.12.9, launched on the
March 29. Another solution is to apply a patch. For more details on this
problem, visit http://www.sendmail.org/dnsmap1.html.
NOTE: The address above may not show up on your screen as a single line.
This would prevent you from using the link to access the web page. If this
happens, just use the 'cut' and 'paste' options to join the pieces of the
URL.
-------------------------------------------------
The 5 most frequently detected viruses by Panda ActiveScan, Panda Software's
free online antivirus: 1) Blaster; 2) Sobig.F; 3) Bugbear.B; 4) Klez.I; 5)
PSWBugbear.B.
|
|
|
 |
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 0
Votes: 0
|
|
|
