[PLDSA 10-1] New sendmail packages fix smrsh insecurities

Krzysiek Taraszka dzimi at pld.org.pl
Thu Jan 30 14:09:55 CET 2003


--------------------------------------------------------------------------
PLD Security Advisory PLDSA 10-1                        security at pld.org.pl
http://www.pld.org.pl/security/                          PLD Security Team
04 January 2003                             http://www.pld.org.pl/security/faq
--------------------------------------------------------------------------

Package        : prior to sendmail-8.12.6-2
Vulnerability  : smrsh insecurities
Problem-Type   : local
PLD-specific   : no
Upstream URL   : http://www.sendmail.org/smrsh.adv.txt

A vulnerability was discovered by zen-parse and Pedram Amini in the
sendmail MTA.  They found two ways to exploit smrsh, the restricted shell
that sendmail runs in place of /bin/sh so that programs invoked from
~/.forward files and aliases are limited to a small approved set: first
by placing specially formatted commands in the ~/.forward file, and
second by calling smrsh directly with special options.  Either way, users
with no shell account, or users not permitted to execute certain programs
or commands, can bypass those restrictions.

The above problems have been fixed in version 8.12.7-1 for the
current stable distribution (ra).

We recommend that you upgrade your sendmail packages.

wget -c url
        will fetch the file for you
rpm -Uhv file(s)*.rpm
        will upgrade the referenced file.

If you are using the "poldek" package manager, use the lines given below
to upgrade the packages

poldek --update
        will update the internal database
poldek --upgrade 'sendmail*'
        will install corrected packages

If you are using the "apt" package manager, use the lines given below
to upgrade the packages

apt-get update
        will update the internal database
apt-get install sendmail
        will install the corrected package (a plain "apt-get upgrade"
        would instead upgrade every package that has a newer version
        available)
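Two checks are worth running once the package is in place, whichever of the three routes above you used: confirm a downloaded RPM against the MD5 checksums listed further down, and audit the ~/.forward files on the host for piped commands that smrsh should never have been allowed to run. The script below is an added example for this advisory, not code from PLD or from sendmail. It assumes smrsh's program directory is /etc/smrsh (the page does not say where PLD puts it; sendmail's own default is /usr/adm/sm.bin, so pass the right directory), and the .forward contents in demo() are constructed for the demonstration. Rejecting "||" outright reflects the upstream smrsh advisory, whose bypass chained a second command after that operator; the "review" verdict for arguments containing "/" is this script's conservative policy rather than a smrsh rule.

```shell
#!/bin/sh
# Added example for PLDSA 10-1, not code from PLD or from sendmail:
# (1) verify a downloaded package against an MD5 checksum taken from the
#     advisory, and (2) audit ~/.forward pipes against what smrsh permits.
# Assumptions (not stated on the page): smrsh's program directory is
# /etc/smrsh; the .forward contents in demo() are constructed for the demo.

# verify_md5 FILE SUM  -> exit 0 iff FILE's MD5 equals SUM
verify_md5() {
    if command -v md5sum >/dev/null 2>&1; then
        sum=$(md5sum "$1" | awk '{ print $1 }')
    else
        sum=$(openssl dgst -md5 "$1" | awk '{ print $NF }')
    fi
    [ "$sum" = "$2" ]
}

# forward_pipe_cmds FILE -> print each piped entry of a .forward file, one
# per line, without the leading '|' or the surrounding double quotes.
# Entries are separated by commas or newlines; '#' lines are comments.
forward_pipe_cmds() {
    awk '
        /^[ \t]*#/ { next }
        {
            n = split($0, parts, ",")
            for (i = 1; i <= n; i++) {
                e = parts[i]
                sub(/^[ \t]+/, "", e); sub(/[ \t]+$/, "", e)
                if (e ~ /^"/) { sub(/^"/, "", e); sub(/"$/, "", e) }
                if (e ~ /^\|/) { sub(/^\|[ \t]*/, "", e); print e }
            }
        }' "$1"
}

# check_pipe_cmd CMD DIR -> print one verdict:
#   reject:or-operator          "||" chaining, the bypass the upstream advisory fixed
#   reject:shell-metacharacter  | ; & < > $ ` (smrsh refuses most of these itself)
#   reject:not-in-smrsh-dir:P   basename of the first word is not executable in DIR
#   review:path-argument:A      an argument contains '/': this script's conservative
#                               policy, not a smrsh rule
#   ok
check_pipe_cmd() {
    cmd=$1; dir=$2
    case $cmd in
        *'||'*)           echo "reject:or-operator"; return 1 ;;
        *['|;&<>$`']*)    echo "reject:shell-metacharacter"; return 1 ;;
    esac
    set -f; set -- $cmd; set +f        # split into words without globbing
    prog=${1##*/}                      # smrsh keys on the basename only
    [ -n "$prog" ] || { echo "reject:empty-command"; return 1; }
    [ -x "$dir/$prog" ] || { echo "reject:not-in-smrsh-dir:$prog"; return 1; }
    shift
    for arg in "$@"; do
        case $arg in
            */*) echo "review:path-argument:$arg"; return 2 ;;
        esac
    done
    echo "ok"
}

# audit_forward FILE DIR -> "<verdict><TAB><command>" per piped entry
audit_forward() {
    forward_pipe_cmds "$1" | while IFS= read -r c; do
        v=$(check_pipe_cmd "$c" "$2") || :
        printf '%s\t%s\n' "$v" "$c"
    done
}

# forward_rejects FILE DIR -> number of rejected entries
forward_rejects() {
    audit_forward "$1" "$2" |
        awk 'BEGIN { FS = "\t" } $1 ~ /^reject/ { n++ } END { print n + 0 }'
}

# demo: throwaway smrsh directory holding procmail and vacation, plus a
# constructed .forward mixing legitimate and hostile entries.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/smrsh"
    for p in procmail vacation; do : > "$tmp/smrsh/$p"; chmod 755 "$tmp/smrsh/$p"; done
    cat > "$tmp/forward" <<'EOF'
# constructed sample .forward
"|/usr/bin/vacation alice", alice@example.invalid
|/usr/bin/procmail
"|/usr/bin/vacation alice || /bin/sh"
|/usr/bin/vacation -f /home/alice/.vacation.msg alice
|/usr/bin/python /tmp/x.py
EOF
    audit_forward "$tmp/forward" "$tmp/smrsh"
    echo "rejected entries: $(forward_rejects "$tmp/forward" "$tmp/smrsh")"
    rm -rf "$tmp"
}

demo
```

On a real host, run `audit_forward /home/USER/.forward /etc/smrsh` for each home directory (and feed the "|program" lines of /etc/aliases through check_pipe_cmd the same way); anything reported as "reject" was only ever runnable through the smrsh hole this update closes and should be removed, while "review" entries just need a glance at the path argument. For the downloaded package, `verify_md5 sendmail-8.12.7-1.i386.rpm f4e0ba713551acd269e99f800cfd0a88` compares it with the i386 checksum listed below.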

PLD Linux 1.0 alias ra
----------------------

  Source archives:

ftp://ftp.pld.org.pl/dists/ra/updates/security/SRPMS/sendmail-8.12.7-1.src.rpm
       MD5 checksum: 28fe640d4516ecd29c69d9f3ab039b4e


  I386 Architecture components:

ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/sendmail-8.12.7-1.i386.rpm
       MD5 checksum: f4e0ba713551acd269e99f800cfd0a88


  I586 Architecture components:

ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/sendmail-8.12.7-1.i586.rpm
       MD5 checksum: a34e578eba1f42d3953d514a484679e6


  I686 Architecture components:

ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/sendmail-8.12.7-1.i686.rpm
       MD5 checksum: fa97220d237e7bade66f03fe9db6e015


  PowerPC Architecture components:

ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/sendmail-8.12.7-1.ppc.rpm
       MD5 checksum: 91dc622ae16b98079b41a0ba2e8aef89


--------------------------------------------------------------------------------
If you are using poldek, add the line for your architecture to poldek.conf.
If you are using apt-get, add the line for your architecture to sources.list.

For i386 architecture
poldek:         source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i386/
apt-get:        rpm ftp://ftp.pld.org.pl/dists ra/apt/i386 base updates-security
For i586 architecture
poldek:         source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i586/
apt-get:        rpm ftp://ftp.pld.org.pl/dists ra/apt/i586 base updates-security
For i686 architecture
poldek:         source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/i686/
apt-get:        rpm ftp://ftp.pld.org.pl/dists ra/apt/i686 base updates-security
For ppc architecture
poldek:         source = ra-updates-security ftp://ftp.pld.org.pl/dists/ra/updates/security/ppc/
apt-get:        rpm ftp://ftp.pld.org.pl/dists ra/apt/ppc base updates-security
