BugTraq
SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Mar 23 2006 09:41AM
Gadi Evron (ge linuxbox org) (5 replies)
Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Mar 24 2006 04:27AM
Eric Allman (eric+bugtraq neophilic com) (1 replies)
Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Mar 24 2006 03:08AM
Claus Assmann (ca+bugtraq zardoc endmail org) (2 replies)
Re: SendGate: Sendmail Multiple Vulnerabilities (Race Condition DoS, Memory Jumps, Integer Overflow) Mar 24 2006 02:52AM
Theo de Raadt (deraadt cvs openbsd org) (2 replies)
trusting SMTP [was: SendGate: Sendmail Multiple Vulnerabilities] Mar 23 2006 09:59AM
Gadi Evron (ge linuxbox org) (1 replies)
Re: [Full-disclosure] trusting SMTP [was: SendGate: Sendmail Multiple Vulnerabilities] Mar 24 2006 10:13AM
Valdis Kletnieks vt edu (1 replies)
Re: [Full-disclosure] trusting SMTP [was: SendGate: Sendmail Multiple Vulnerabilities] Mar 24 2006 05:50PM
Gadi Evron (ge linuxbox org)
On Fri, 24 Mar 2006 Valdis.Kletnieks (at) vt (dot) edu wrote:
> On Thu, 23 Mar 2006 03:59:20 CST, Gadi Evron said:
> > Oh, sorry for not mentioning earlier -
> > Operators that want to patch Sendmail, I'd suggest doing it soon. Now
> > not only do we face risk to our mail servers, but rather trusting other
> > servers as well.
>
> Been there, done that. All the same issues we saw when 8.12.9 came out:

Exactly. You just made my point.

>
> 8.12.9/8.12.9 2003/03/29
> SECURITY: Fix a buffer overflow in address parsing due to
> a char to int conversion problem which is potentially
> remotely exploitable. Problem found by Michal Zalewski.
> Note: an MTA that is not patched might be vulnerable to
> data that it receives from untrusted sources, which
> includes DNS.
>
> So just like last time - I'm sure somebody will patch their external-facing
> mailserver *first*, and that lets exploit mail get through the external
> mailer and reach the internal mailserver (where before it would just have
> 0wned the external server).
>
> Not that Sendmail is any different from any OTHER infrastructure software.
> The exact same issues apply when an IOS bug is found, or an NTP bug, or.....
>
> (And if you think Sendmail didn't do a good job of releasing the info, I
> shudder to think of what you thought of how Cisco handled the whole Lynn thing ;)
>
>
>

Copyright 2010, SecurityFocus