Date:      Wed, 20 Nov 1996 09:49:40 +1100 (EST)
From:      Carey Nairn <cp_nairn@cc.utas.edu.au>
To:        FreeBSD Questions <questions@freebsd.org>
Subject:   sendmail security problem
Message-ID:  <Pine.SOL.3.91.961120094257.4595H-100000@wedge.its.utas.edu.au>

I have just seen a CERT advisory regarding a security problem with 
sendmail as follows:

AUSCERT has received information that sendmail versions 8.7.x to 8.8.2
(inclusive) contain a serious security vulnerability.
 
This vulnerability may allow local users to gain root privileges.
 
Exploit details involving this vulnerability have been widely distributed.
 
AUSCERT recommends that sites take the steps outlined in Section 3
as soon as possible.
- ---------------------------------------------------------------------------
 
1.  Description
 
    A vulnerability exists in all versions of sendmail from 8.7.x to 8.8.2
    that allows local users to gain root privileges.
 
    A user can invoke sendmail in "daemon" mode by naming it to be "smtpd".
    Due to a coding error, this bypasses the usual check that only root
    can start the daemon.  As of 8.7, sendmail will restart itself when
    it gets a SIGHUP signal.  By manipulating the environment in which
    sendmail is run it is possible to force sendmail into executing an
    arbitrary program with root privileges.
 
    AUSCERT has been informed that sendmail versions prior to 8.8.x are
    no longer supported.  Sites using older versions of sendmail will need
    to upgrade to the current version of sendmail.
 
....

I guess this means that FreeBSD versions prior to 2.1.6 are vulnerable.
My question is what version of sendmail is shipped with 2.1.6 (and 2.2).

Cheers,
Carey

=========================================================================     
| Carey Nairn                     | email : Carey.Nairn@its.utas.edu.au |
| Infrastructure Services         | phone : (03) 6226 7419              |
| Information Technology Services | fax   : (03) 6226 7898              |
| University of Tasmania.         | int'l : (+61 3)                     |
=========================================================================
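A check for the version range the advisory names (8.7.x to 8.8.2 inclusive), added here as an example and not part of the original message or the AUSCERT advisory. It assumes the output of `sendmail -d0.1 -bv root </dev/null` starts with a `Version x.y.z` line; the sample output embedded below is constructed.

```shell
#!/bin/sh
# Added example: classify a sendmail version against the advisory's range.
# Assumption: `sendmail -d0.1 -bv root </dev/null` prints "Version x.y.z"
# on its first line. SAMPLE_OUTPUT below is constructed, not captured.

SAMPLE_OUTPUT='Version 8.8.2
 Compiled with: LOG MIME8TO7 NAMED_BIND NDBM NETINET NETUNIX NEWDB
============ SYSTEM IDENTITY (after readcf) ============
      (short domain name) $w = mailhost'

# Extract the first "Version x.y.z" value from sendmail's debug output.
version_from_output() {
    printf '%s\n' "$1" | sed -n 's/^Version \([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Return 0 if the version is in 8.7.x .. 8.8.2 (vulnerable per the advisory),
# 1 if it is outside that range, 2 if the string cannot be parsed.
sendmail_vulnerable() {
    ver=$1
    case $ver in
        *.*.*) ;;
        *.*) ver="$ver.0" ;;          # "8.8" is treated as 8.8.0
        *) return 2 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    patch=${patch%%[!0-9]*}           # drop suffixes such as ".1" or "beta"
    for n in "$major" "$minor" "$patch"; do
        case $n in ''|*[!0-9]*) return 2 ;; esac
    done
    [ "$major" -eq 8 ] || return 1
    [ "$minor" -eq 7 ] && return 0
    [ "$minor" -eq 8 ] && [ "$patch" -le 2 ] && return 0
    return 1
}

# Report on the constructed sample; replace SAMPLE_OUTPUT with real output
# from `sendmail -d0.1 -bv root </dev/null` to audit a host.
v=$(version_from_output "$SAMPLE_OUTPUT")
if sendmail_vulnerable "$v"; then
    echo "sendmail $v: inside the advisory range 8.7.x-8.8.2, upgrade"
else
    echo "sendmail $v: outside the advisory range (or unparsable)"
fi
```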