Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

Sendmail SMRSH Double Pipe Access Validation Vulnerability

Solution:
OpenBSD has released patches for OpenBSD 3.0, 3.1 and 3.2 systems.
NetBSD has released an advisory. Users are advised to upgrade the smrsh binary.

Users of NetBSD-current are advised to upgrade to NetBSD-current dated 2002-10-04 or later. Users of NetBSD 1.6 are advised to upgrade from NetBSD 1.6 sources dated 2002-10-04 or later. Users of NetBSD 1.5 through 1.5.3 from NetBSD 1.5.* sources dated 2002-10-04 or later. Further details are available in the referenced advisory.

Users of Gentoo Linux are advised to upgrade using the following commands:

emerge rsync
emerge sendmail
emerge clean

Conectiva has released an advisory.

FreeBSD has released an advisory. Users are advised to upgrade vulnerable systems to the 4.7-STABLE branch, or to the appropriate RELENG_4_x branch after the correction date. A patch is also available. Further details may be found in the referenced advisory.

Mandrake has released a security advisory (MDKSA-2002:083). Fixes for Mandrake Linux are now available.

SGI has released an advisory. Users are advised to upgrade to IRIX 6.5.19 when available or to install the appropriate patch. Further information is available in the referenced advisory.

Apple has addressed this issue in MacOS X 10.2.4/MacOS X Server 10.2.4. Users are advised to upgrade.

HP has released a revised version of their advisory (HPSBUX0212-234) which has been updated to include fix information. Users are advised to upgrade as soon as possible. An upgrade for HP-UX 11.00 and 11.11 has also be made available online and can be accessed using the following link:

http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=SMAIL811

Fixes are available.


OpenBSD OpenBSD 3.2

OpenBSD OpenBSD 3.0

OpenBSD OpenBSD 3.1

HP HP-UX 11.0 4

HP HP-UX 11.0

HP HP-UX 11.11

HP HP-UX 11.22

Caldera OpenLinux Server 3.1

Caldera OpenLinux Workstation 3.1

Caldera OpenLinux Server 3.1.1

Caldera OpenLinux Workstation 3.1.1

FreeBSD FreeBSD 4.4

FreeBSD FreeBSD 4.5

FreeBSD FreeBSD 4.6

Sendmail Consortium Sendmail 8.11

Sendmail Consortium Sendmail 8.11.1

Sendmail Consortium Sendmail 8.11.4

Sendmail Consortium Sendmail 8.11.6

Sendmail Consortium Sendmail 8.12 .0

Sendmail Consortium Sendmail 8.12.1

Sendmail Consortium Sendmail 8.12.2

Sendmail Consortium Sendmail 8.12.3

Sendmail Consortium Sendmail 8.12.4

Sendmail Consortium Sendmail 8.12.5

Sendmail Consortium Sendmail 8.12.6







 

Privacy Statement
Copyright 2008, SecurityFocus