Fwd: SANS Alert - Critical Vulnerability in Sendmail and aSnort Vulnerability
Tim Wunder
tim
Mon May 17 11:45:01 PDT 2004
On 3/4/2003 7:10 AM, someone claiming to be DOUGLAS HUNLEY wrote:
<snip sendmail vulnerability stuff>
Hmmm...
This notice says that sendmail version 8.12.8 is vulnerable, at least
that's how I read "Sendmail versions 5.2 up to 8.12.8 are known to be
vulnerable at this time". Then goes on to imply that 8.12.8 is not
vulnerable by recommending upgrading to it, "system administrators who
employ Sendmail take this opportunity to review the security of their
Sendmail software and to either upgrade to Sendmail 8.12.8 or apply the
appropriate patch for older versions as soon as possible."
FWIW, the RHN updated my 8.0 box to rpm version sendmail-8.12.8-1.80 and
patched my 7.0 box's version to rpm version sendmail-8.11.6-23.70.
Regards,
Tim
More information about the Linux-users
mailing list