lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: aliz at gentoo.org (Daniel Ahlberg) Subject: GLSA: sendmail (200303-27) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200303-27 - - --------------------------------------------------------------------- PACKAGE : sendmail SUMMARY : buffer overflow DATE : 2003-03-31 09:13 UTC EXPLOIT : remote VERSIONS AFFECTED : <8.12.9 FIXED VERSION : >=8.12.9 CVE : CAN-2003-0161 - - --------------------------------------------------------------------- - From advisory: "There is a vulnerability in sendmail that can be exploited to cause a denial-of-service condition and could allow a remote attacker to execute arbitrary code with the privileges of the sendmail daemon, typically root." Read the full advisory at http://www.cert.org/advisories/CA-2003-12.html SOLUTION It is recommended that all Gentoo Linux users who are running net-mail/sendmail upgrade to sendmail-8.12.9 as follows: emerge sync emerge sendmail emerge clean - - --------------------------------------------------------------------- aliz@...too.org - GnuPG key is available at http://cvs.gentoo.org/~aliz avenj@...too.org - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+iAbNfT7nyhUpoZMRAuQWAJ9DKi8B6JxgHVyxRLZfM1e5N0YyNQCgqM7Y NwuiPB4hihTbTLAXIKg9/J8= =RiMh -----END PGP SIGNATURE-----
Powered by blists - more mailing lists