| VID |
18055 |
| Severity |
40 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
Sendmail 8.6.9 allows remote attackers to execute root commands, using IDENT.
Sendmail is a Mail Transport Agent (MTA) used on many Unix-based operating systems. A buffer overflow vulnerability in the IDENT function of Sendmail 8.6.9 could allow attackers to obtain remote root access. Sendmail version 8.6.9 connects back to the IDENT service to log user information. This version of Sendmail does not validate the information returned by the client. If the response by the client passed to Sendmail is longer than expected, the response overflows the buffer. This could allow a remote attacker to execute commands on the affected system with root privileges.
* Note: Due to the following reasons, this may or may not be considered a security risk in your environment (i.e. It may be a false positive):
1. This check solely relied on the version number of the remote Sendmail server to assess this vulnerability.
2. The version number of the Sendmail server is based on the standard Sendmail distribution released by the Sendmail Consortium.
* References:
http://www.ciac.org/ciac/bulletins/f-13.shtml
http://archives.neohapsis.com/archives/bugtraq/1995_1/0470.html
http://www.cert.org/advisories/CA-95.05.sendmail.vulnerabilities
* Platforms Affected:
Sendmail 8.6.9
ConvexOS Any version
DG/UX Any version
HP Apollo Domain/OS 10.3
HP-UX Any version
IRIX Any version
Linux Any version
NeXTSTEP Any version
SCO Unix Any version
Solaris Any version
UNICOS Any version
Ultrix Any version
lftpd Any version |
| Recommendation |
Upgrade to the latest version of Sendmail (8.12.10 or later), available from the Sendmail Web site at http://www.sendmail.org/8.12.10.html
For other distributions:
Contact your vendor for upgrade or patch information. See http://www.cert.org/advisories/CA-95.05.sendmail.vulnerabilities |
| Related URL |
CVE-1999-0204 (CVE) |
| Related URL |
2311 (SecurityFocus) |
| Related URL |
627 (ISS) |
|
