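Linux board (digest area)
Posted by: qubo (qubo), Board: Linux
Title: Sendmail prescan header-processing remote overflow vulnerability (repost)
Posting site: Harbin Institute of Technology Lilac BBS (哈工大紫丁香) (Tuesday, 2003-09-23 08:26:28), on-site post
[The following text is reposted from the Hacker board]
[Originally posted by qubo]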
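CCERT ID: CCERT-2002-55
CERT/CC ID: CA-2003-25
CVE ID: CAN-2003-0694
Advisory editor: starry
Published: 2003-09-19 19:23
Last updated: 2003-09-22 18:33
Advisory source: CERT/CC
Description:
Sendmail is the most popular mail transfer agent (MTA) on the Internet.
A flaw in Sendmail's prescan() function may allow a remote attacker to execute arbitrary commands on the system with the privileges of the Sendmail process.
On Linux, the local exploitation path goes through recipient.c and sendtolist(): user-supplied data overwrites a pointer, and the subsequent call to free() may redirect execution. An attacker can craft a malicious mail message and submit it to Sendmail for parsing, which may result in arbitrary commands being executed with the privileges of the Sendmail process. The usual approach is to reach prescan() indirectly through parseaddr() and overwrite data structures to trigger the overflow. Other exploitation paths may also exist, and remote exploitation of this vulnerability is also possible.
Affected systems: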
Sendmail Consortium Sendmail 8.9.3
Sendmail Consortium Sendmail 8.9.2
Sendmail Consortium Sendmail 8.9.1
Sendmail Consortium Sendmail 8.9.0
Sendmail Consortium Sendmail 8.12beta7
Sendmail Consortium Sendmail 8.12beta5
Sendmail Consortium Sendmail 8.12beta16
Sendmail Consortium Sendmail 8.12beta12
Sendmail Consortium Sendmail 8.12beta10
Sendmail Consortium Sendmail 8.12.9
Sendmail Consortium Sendmail 8.12.8
Sendmail Consortium Sendmail 8.12.7
Sendmail Consortium Sendmail 8.12.6
Sendmail Consortium Sendmail 8.12.5
Sendmail Consortium Sendmail 8.12.4
Sendmail Consortium Sendmail 8.12.3
Sendmail Consortium Sendmail 8.12.2
Sendmail Consortium Sendmail 8.12.1
Sendmail Consortium Sendmail 8.12
Sendmail Consortium Sendmail 8.11.6
Sendmail Consortium Sendmail 8.11.5
Sendmail Consortium Sendmail 8.11.4
Sendmail Consortium Sendmail 8.11.3
Sendmail Consortium Sendmail 8.11.2
Sendmail Consortium Sendmail 8.11.1
Sendmail Consortium Sendmail 8.11
Sendmail Consortium Sendmail 8.10.2
Sendmail Consortium Sendmail 8.10.1
Sendmail Consortium Sendmail 8.10
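Risk: High
Solution:
Vendors have released patches for this issue. We recommend downloading and installing the relevant patch from the links below as soon as possible: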
Conectiva
---------
Conectiva has released a security announcement (CLA-2003:742) and corresponding patches:
CLA-2003:742:sendmail
Link: http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000742
Patch downloads:
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sendmail-8.11.6-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sendmail-cf-8.11.6-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/sendmail-doc-8.11.6-1U70_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/sendmail-8.11.6-1U70_5cl.src.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/sendmail-8.11.6-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/sendmail-cf-8.11.6-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/RPMS/sendmail-doc-8.11.6-2U80_5cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/8/SRPMS/sendmail-8.11.6-2U80_5cl.src.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/sendmail-8.12.5-26986U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/sendmail-cf-8.12.5-26986U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/RPMS/sendmail-doc-8.12.5-26986U90_3cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/9/SRPMS/sendmail-8.12.5-26986U90_3cl.src.rpm
Debian
------
Debian has released a security advisory (DSA-384-1) and corresponding patches:
DSA-384-1:New sendmail packages fix buffer overflows
Link: http://www.debian.org/security/2002/dsa-384
Patch downloads:
Source archives:
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6.dsc
Size/MD5 checksum: 751 a7d0da0bedbe35592233cb9ce710f551
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6.diff.gz
Size/MD5 checksum: 255026 5a86a93275a55af8c92677469c4a8cd3
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3.orig.tar.gz
Size/MD5 checksum: 1840401 b198b346b10b3b5afc8cb4e12c07ff4d
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5.dsc
Size/MD5 checksum: 738 cc23a68bcf23332d560086c3c55cd16a
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5.diff.gz
Size/MD5 checksum: 327218 7f2fc2d0efe7935713b2d77dec66359c
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta.orig.tar.gz
Size/MD5 checksum: 1870451 4c7036e8042bae10a90da4a84a717963
Architecture independent components:
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.12.3-6.6_all.deb
Size/MD5 checksum: 747778 9c4362147654d4f28d8346fa4ad84ed0
Alpha architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_alpha.deb
Size/MD5 checksum: 267842 4f53274558b9e29ca341721a68fb4adc
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_alpha.deb
Size/MD5 checksum: 1109340 78cb6eb6b340e5dc52982889532a844a
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_alpha.deb
Size/MD5 checksum: 440712 b22b97caba3652ef2a7d9f35633e3040
ARM architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_arm.deb
Size/MD5 checksum: 247568 ac8f0778eb56f7c0a852fdc54ef071b1
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_arm.deb
Size/MD5 checksum: 979454 6b9898686e6361abe657c5fd75d962c5
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_arm.deb
Size/MD5 checksum: 369568 3baf5caa46b2c9d0b67c6d60f47d8030
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_i386.deb
Size/MD5 checksum: 237374 0662e6e9bb58db37a1d8f511e4ba2fce
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_i386.deb
Size/MD5 checksum: 917848 3717265bb7ed3f5bd81fb9a712826cec
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_i386.deb
Size/MD5 checksum: 328914 23af5c312cef6a53f000f4663980b11d
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_ia64.deb
Size/MD5 checksum: 282028 a35b9ca4cfc7a1c1ec6bdb1f2e00d8bb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_ia64.deb
Size/MD5 checksum: 1332734 9f4ae78c3aa4644366e7e3f4bb787096
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_ia64.deb
Size/MD5 checksum: 575024 9e4283bf8427361959efc71fa10b47db
HP Precision architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_hppa.deb
Size/MD5 checksum: 261692 a91642fb4a90687c7d318342cac40b81
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_hppa.deb
Size/MD5 checksum: 1081070 f8359f91edc1a1587de9ef3fee05e48a
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_hppa.deb
Size/MD5 checksum: 413758 f7ebfefbe7bc3a212a0233531969d6ce
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_m68k.deb
Size/MD5 checksum: 231156 5a6f6c5597d65c625a8f93bca3ba91c7
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_m68k.deb
Size/MD5 checksum: 865868 3f8e05c30f67a10b3148868b884b181a
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_m68k.deb
Size/MD5 checksum: 300824 fcfe51748953a3cbec6b67ec6b59c815
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_mips.deb
Size/MD5 checksum: 255192 f6e277fc5dd3aad2471224cd5a93d8b2
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_mips.deb
Size/MD5 checksum: 1022140 9ffa270d18fcff47eb50a379abf83423
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_mips.deb
Size/MD5 checksum: 378446 3eb569322bf2ca44efad2e619ac60e09
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_mipsel.deb
Size/MD5 checksum: 254886 1671ae782111b31689db3cdcc8a685ca
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_mipsel.deb
Size/MD5 checksum: 1022564 2c6d07a51a6799b3adf0465708ea965a
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_mipsel.deb
Size/MD5 checksum: 380428 af4eb3885b34141ac8ca280d9588c236
PowerPC architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_powerpc.deb
Size/MD5 checksum: 257296 6327996cfa6ba83133ca891e9ee7e06b
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_powerpc.deb
Size/MD5 checksum: 978630 a328cc8608dfe496bacb51984a813eff
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_powerpc.deb
Size/MD5 checksum: 363018 a7310a71887232474be479fdc0dc8846
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_s390.deb
Size/MD5 checksum: 242622 86d18643513d01467640277260d5faf4
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_s390.deb
Size/MD5 checksum: 966352 db7b4c5516759dde0c244f87394e206a
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_s390.deb
Size/MD5 checksum: 354934 7d9e5afceef87330409cc68a284e0b99
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-6.6_sparc.deb
Size/MD5 checksum: 245326 d2c2c75a72bb25db831cf200aaa84ae2
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-6.6_sparc.deb
Size/MD5 checksum: 982550 7e755b31bb2b0db5aa82ca5f516ac46d
http://security.debian.org/pool/updates/main/s/sendmail-wide/sendmail-wide_8.12.3+3.5Wbeta-5.5_sparc.deb
Size/MD5 checksum: 356148 c330e1560c9b37e25dd73947fe6fbc22
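Installing the patches:
1. Install the patch package manually:
First, download the patch package with the following command:
# wget url (url is the patch download link)
Then install the patch with the following command:
# dpkg -i file.deb (file is the name of the patch package)
2. Install the patch package automatically with apt-get:
First, update the internal database with the following command:
# apt-get update
Then install the updated packages with the following command:
# apt-get upgrade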
FreeBSD
-------
FreeBSD has released security advisory FreeBSD-SA-03:13.sendmail to fix this vulnerability:
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:13.sendmail.asc
You can download the security patch for FreeBSD 5.1, 4.8, and 4.7:
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:13/sendmail.patch
Then run the following commands as root:
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/libsm
# make obj && make depend && make
# cd /usr/src/lib/libsmutil
# make obj && make depend && make
# cd /usr/src/usr.sbin/sendmail
# make obj && make depend && make && make install
Restart sendmail:
# /bin/sh /etc/rc.sendmail restart
IBM
---
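The IBM AIX security team will release the following APARs to fix this vulnerability:
APAR number for AIX 4.3.3: IY48659 (to be released around 10/03/03)
APAR number for AIX 5.1.0: IY48658 (to be released around 10/15/03)
APAR number for AIX 5.2.0: IY48657 (to be released around 10/29/03)
IBM will release an efix shortly. The efix can be obtained from the following location: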
ftp://ftp.software.ibm.com/aix/efixes/security/sendmail_4_efix.tar.Z
MandrakeSoft
------------
MandrakeSoft has released a security advisory (MDKSA-2003:092) and corresponding patches:
MDKSA-2003:092:Updated sendmail packages fix buffer overflow vulnerability
Link: http://www.linux-mandrake.com/en/security/2003/2003-092.php
Patch downloads:
Updated Packages:
Corporate Server 2.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/sendmail-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/sendmail-cf-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/sendmail-devel-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/RPMS/sendmail-doc-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/corporate/2.1/SRPMS/sendmail-8.12.6-3.5mdk.src.rpm
Mandrake Linux 8.2:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/sendmail-8.12.1-4.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/sendmail-cf-8.12.1-4.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/sendmail-devel-8.12.1-4.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/RPMS/sendmail-doc-8.12.1-4.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.2/SRPMS/sendmail-8.12.1-4.5mdk.src.rpm
Mandrake Linux 8.2/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/sendmail-8.12.1-4.5mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/sendmail-cf-8.12.1-4.5mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/sendmail-devel-8.12.1-4.5mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/RPMS/sendmail-doc-8.12.1-4.5mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/8.2/SRPMS/sendmail-8.12.1-4.5mdk.src.rpm
Mandrake Linux 9.0:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/sendmail-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/sendmail-cf-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/sendmail-devel-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/RPMS/sendmail-doc-8.12.6-3.5mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.0/SRPMS/sendmail-8.12.6-3.5mdk.src.rpm
Mandrake Linux 9.1:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/sendmail-8.12.9-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/sendmail-cf-8.12.9-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/sendmail-devel-8.12.9-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/RPMS/sendmail-doc-8.12.9-1.2mdk.i586.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/9.1/SRPMS/sendmail-8.12.9-1.2mdk.src.rpm
Mandrake Linux 9.1/PPC:
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/sendmail-8.12.9-1.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/sendmail-cf-8.12.9-1.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/sendmail-devel-8.12.9-1.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/RPMS/sendmail-doc-8.12.9-1.2mdk.ppc.rpm
ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/ppc/9.1/SRPMS/sendmail-8.12.9-1.2mdk.src.rpm
The updated packages above can also be downloaded from any of the mirror FTP servers listed at:
http://www.mandrakesecure.net/en/ftp.php
RedHat
------
RedHat has released a security advisory (RHSA-2003:283-01) and corresponding patches:
RHSA-2003:283-01:Updated Sendmail packages fix vulnerability.
Link: https://www.redhat.com/support/errata/RHSA-2003-283.html
Patch downloads:
Red Hat Linux 7.1:
SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/sendmail-8.11.6-27.71.src.rpm
i386:
ftp://updates.redhat.com/7.1/en/os/i386/sendmail-8.11.6-27.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/sendmail-doc-8.11.6-27.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/sendmail-devel-8.11.6-27.71.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/sendmail-cf-8.11.6-27.71.i386.rpm
Red Hat Linux 7.2:
SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/sendmail-8.11.6-27.72.src.rpm
i386:
ftp://updates.redhat.com/7.2/en/os/i386/sendmail-8.11.6-27.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/sendmail-doc-8.11.6-27.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/sendmail-devel-8.11.6-27.72.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/sendmail-cf-8.11.6-27.72.i386.rpm
ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/sendmail-8.11.6-27.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/sendmail-doc-8.11.6-27.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/sendmail-devel-8.11.6-27.72.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/sendmail-cf-8.11.6-27.72.ia64.rpm
Red Hat Linux 7.3:
SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/sendmail-8.11.6-27.73.src.rpm
i386:
ftp://updates.redhat.com/7.3/en/os/i386/sendmail-8.11.6-27.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/sendmail-doc-8.11.6-27.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/sendmail-devel-8.11.6-27.73.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/sendmail-cf-8.11.6-27.73.i386.rpm
Red Hat Linux 8.0:
SRPMS:
ftp://updates.redhat.com/8.0/en/os/SRPMS/sendmail-8.12.8-9.80.src.rpm
i386:
ftp://updates.redhat.com/8.0/en/os/i386/sendmail-8.12.8-9.80.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/sendmail-doc-8.12.8-9.80.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/sendmail-devel-8.12.8-9.80.i386.rpm
ftp://updates.redhat.com/8.0/en/os/i386/sendmail-cf-8.12.8-9.80.i386.rpm
Red Hat Linux 9:
SRPMS:
ftp://updates.redhat.com/9/en/os/SRPMS/sendmail-8.12.8-9.90.src.rpm
i386:
ftp://updates.redhat.com/9/en/os/i386/sendmail-8.12.8-9.90.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/sendmail-doc-8.12.8-9.90.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/sendmail-devel-8.12.8-9.90.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/sendmail-cf-8.12.8-9.90.i386.rpm
The patches can be installed with the following command:
rpm -Fvh [filename]
Sendmail Consortium
-------------------
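The Sendmail Consortium recommends that sites upgrade to 8.12.10 as soon as possible. In addition, patches for 8.9, 8.10, 8.11 and 8.12 are available at http://www.sendmail.org/.
Sendmail 8.12.10 download:
http://www.sendmail.org/8.12.10.html
Alternatively, you can apply the following patch: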
Index: parseaddr.c
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/sendmail/parseaddr.c,v
retrieving revision 1.16
diff -u -r1.16 parseaddr.c
--- parseaddr.c 29 Mar 2003 19:44:01 -0000 1.16
+++ parseaddr.c 16 Sep 2003 17:37:26 -0000
-700,7 +700,11
addr[MAXNAME] = '\0';
returnnull:
if (delimptr != NULL)
+ {
+ if (p > addr)
+ p--;
*delimptr = p;
+ }
CurEnv->e_to = saveto;
return NULL;
}
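Review bot: the added `p--` ahead of `*delimptr = p;` in the `returnnull:` path has no comment saying why the pointer is stepped back one position before it is stored. A one-line comment stating what `p` points at on this error path would make the `if (p > addr)` guard reviewable, and it is worth confirming that every jump to `returnnull` leaves `p` in that same state. As posted here the hunk header reads `-700,7 +700,11` without its `@@` markers and the indentation is gone, so take the patch from the vendor's site rather than copying it from this page.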
Sun
---
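Sun acknowledges that the recent versions of sendmail 8.12.10 on Solaris 7, 8 and 9 are affected by this vulnerability.
Sun will shortly publish a Sun security alert for this vulnerability:
http://sunsolve.Sun.COM/pub-cgi/retrieve.pl?doc=fsalert/56860
No patch is available yet.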
References:
http://marc.theaimsgroup.com/?l=bugtraq&m=106381604923204&w=2
https://www.redhat.com/support/errata/RHSA-2003-283.html
http://www.debian.org/security/2002/dsa-384
http://www.linux-mandrake.com/en/security/2003/2003-092.php
http://www.cert.org/advisories/CA-2003-25.html
http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000742
--
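※ Source: · Harbin Institute of Technology Lilac BBS (哈工大紫丁香) bbs.hit.edu.cn · [FROM: 202.118.228.146]
--
※ Reposted: · Harbin Institute of Technology Lilac BBS (哈工大紫丁香) bbs.hit.edu.cn · [FROM: 202.118.228.146]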