Sendmail vulnerable to DoS attacks

The popular open-source mail transfer agent Sendmail contains a remotely exploitable vulnerability that can crash one of its child processes. Also, Turbolinux has warned of flaws in GNOME's display manager and in Perl.


Several versions of the popular open-source mail transfer agent Sendmail are vulnerable to remote denial-of-service attacks, according to an alert issued by the FreeBSD Project.

Sendmail versions 8.12.0 through 8.12.8 are susceptible to remote exploitation of a vulnerability in the code that implements DNS (Domain Name System) maps. An attacker who sends a malformed DNS reply packet can cause Sendmail to call free() on an uninitialized pointer. Such a call can crash the Sendmail child process that handled the reply, FreeBSD said in its advisory.

Sendmail is widely implemented in enterprises as part of several Linux and Unix distributions. Administrators are urged to upgrade to Sendmail 8.12.9 or apply a patch available at Sendmail.org or from their distributors.

No workarounds are available, the alert said.

"It may also be possible for an attacker to somehow influence the value of the 'uninitialized pointer' and cause an arbitrary memory chunk to be freed. This could further lead to some other exploitable vulnerability, although no such cases are known at this time," FreeBSD said.
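The bug shape the advisory describes, as an added example that is not Sendmail's code: a result pointer that is assigned only on the success path but freed on every path. The "DNS reply" layout here (rcode byte, answer count, data length, data) is invented for the illustration and has nothing to do with real DNS packets; the point is the uninitialized free() and the one-line fix beside it.

```c
/* Added example, not Sendmail's code: the "free() of an uninitialized
 * pointer" bug shape from the FreeBSD advisory, in miniature, next to the
 * fix.  The reply format is invented for the illustration:
 *   byte 0: rcode (0 = OK), byte 1: answer count, byte 2: data length,
 *   bytes 3..: the data.  Real DNS packets look nothing like this. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { RCODE_OK = 0 };

struct lookup_state {
    int   rc;       /* 0 on success, -1 on error */
    char *result;   /* written only on the success path */
};

/* Sets st->rc on every path but st->result only when parsing succeeds,
 * which is exactly what leaves the pointer uninitialized on error paths. */
static void parse_reply(const unsigned char *reply, size_t len,
                        struct lookup_state *st)
{
    st->rc = -1;
    if (len < 3 || reply[0] != RCODE_OK || reply[1] == 0)
        return;                          /* failed or malformed: result untouched */
    size_t dlen = reply[2];
    if (dlen + 3 > len)
        return;                          /* truncated: result untouched */
    st->result = malloc(dlen + 1);
    if (st->result == NULL)
        return;
    memcpy(st->result, reply + 3, dlen);
    st->result[dlen] = '\0';
    st->rc = 0;
}

/* VULNERABLE shape: on the error paths st.result is whatever was on the
 * stack, and the unconditional free() hands that garbage to the allocator
 * (the child-process crash in the advisory).  Kept for illustration only;
 * below it is never called with a malformed reply. */
int lookup_vulnerable(const unsigned char *reply, size_t len, char **out)
{
    struct lookup_state st;              /* BUG: st.result never initialized */
    parse_reply(reply, len, &st);
    if (st.rc == 0) {
        *out = st.result;
        return 0;
    }
    free(st.result);                     /* undefined behaviour on error paths */
    return -1;
}

/* FIXED: the pointer has a known value on every path; free(NULL) is a no-op. */
int lookup_fixed(const unsigned char *reply, size_t len, char **out)
{
    struct lookup_state st = { -1, NULL };   /* FIX: initialize before use */
    parse_reply(reply, len, &st);
    if (st.rc == 0) {
        *out = st.result;
        return 0;
    }
    free(st.result);                     /* NULL on every error path */
    return -1;
}

/* Constructed replies in the invented format above. */
const unsigned char GOOD_REPLY[] = {
    0x00, 0x01, 0x0e, 'm','x','.','e','x','a','m','p','l','e','.','n','e','t' };
const unsigned char SERVFAIL_REPLY[]  = { 0x02, 0x00, 0x00 };
const unsigned char TRUNCATED_REPLY[] = { 0x00, 0x01, 0x40, 'a' };

int main(void)
{
    char *name = NULL;
    if (lookup_vulnerable(GOOD_REPLY, sizeof GOOD_REPLY, &name) == 0) {
        printf("well-formed reply, vulnerable code: %s\n", name);
        free(name);
    }
    /* The malformed replies go only through the fixed version. */
    name = NULL;
    printf("SERVFAIL reply, fixed code: rc=%d\n",
           lookup_fixed(SERVFAIL_REPLY, sizeof SERVFAIL_REPLY, &name));
    printf("truncated reply, fixed code: rc=%d\n",
           lookup_fixed(TRUNCATED_REPLY, sizeof TRUNCATED_REPLY, &name));
    return 0;
}
```

The second half of the advisory's warning follows from the same picture: whatever happens to sit in the uninitialized slot is what free() receives, so anything that lets an attacker shape stack contents before the error path turns a crash into a controlled free. Initializing the pointer closes both.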

SuSE Linux AG, Nuremberg, Germany, warned that SuSE Linux 8.0, 8.1 and 8.2 and SuSE Linux Enterprise Server 8 ship vulnerable versions of Sendmail.

Two warnings from Turbolinux

Turbolinux, a leading Linux distributor in Asia, issued a security alert this week warning enterprises of multiple vulnerabilities in the GNOME display manager (GDM) and a cross-site scripting vulnerability in Perl.

GDM contains a flaw in its support for the X Display Manager Control Protocol (XDMCP), which Turbolinux said is enabled by default; an attacker exploiting it could crash the system. The company also warned that GDM runs as root when it uses its "examine session errors" feature, and that it does not check what it is opening. A local user who replaces the session error file with a symlink can therefore read any text file on the system, the advisory said.
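The symlink problem is a general one for any root process that reads a file out of an untrusted home directory, so here is an added example of the check GDM's feature would need. It is not GDM's code: the function name, the fixture paths and the sample content are assumptions for the illustration, and the self-test builds its own files under `$TMPDIR` (or `/tmp`).

```c
/* Added example, not GDM's code: how a root process should open a file
 * that lives in an untrusted user's home directory (the "examine session
 * errors" case).  Names and paths are invented for the illustration. */
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` for reading on behalf of `owner` and return the fd, or -1.
 * O_NOFOLLOW refuses a symlink as the final path component, and every
 * check runs fstat() on the descriptor actually opened, so nothing can be
 * swapped between the check and the read.  Also refused: anything that is
 * not a regular file, a file not owned by `owner`, and a file with extra
 * hard links (the other way to alias a root-readable file into $HOME). */
int open_user_file_as_root(const char *path, uid_t owner)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NOCTTY);
    if (fd < 0)
        return -1;                       /* ELOOP here means a planted symlink */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != owner || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Constructed fixture: one regular file owned by the current user and one
 * planted symlink pointing at it.  Returns 0 when every check behaves. */
int self_test(void)
{
    const char *base = getenv("TMPDIR") ? getenv("TMPDIR") : "/tmp";
    char dir[256], regular[300], planted[300];
    snprintf(dir, sizeof dir, "%s/gdm-example-XXXXXX", base);
    if (mkdtemp(dir) == NULL)
        return 1;
    snprintf(regular, sizeof regular, "%s/xsession-errors", dir);
    snprintf(planted, sizeof planted, "%s/planted-link", dir);

    int rc = 0;
    int fd = open(regular, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "session log\n", 12) != 12 || close(fd) != 0) {
        rc = 2;
    } else if (symlink(regular, planted) != 0) {
        rc = 3;
    } else if ((fd = open_user_file_as_root(regular, getuid())) < 0) {
        rc = 4;                          /* the honest file must open */
    } else {
        close(fd);
        int bad = open_user_file_as_root(planted, getuid());
        if (bad != -1) {
            close(bad);
            rc = 5;                      /* the symlink must be refused */
        } else if (open_user_file_as_root(regular, getuid() + 1) != -1) {
            rc = 6;                      /* a wrong owner must be refused */
        }
    }
    unlink(planted);
    unlink(regular);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = self_test();
    printf("self-test %s (code %d)\n", rc == 0 ? "passed" : "failed", rc);
    return rc;
}
```

O_NOFOLLOW only guards the last component, so a symlinked parent directory still gets through; a root process that must read user files should open the home directory first and use openat() relative to it, or, simpler still, drop to the user's uid before touching anything the user controls.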

Turbolinux Server versions 6.1, 6.5, 7 and 8 are affected, as are Advanced Server 6 and Workstation versions 6.0, 7 and 8. The vendor advises administrators to use the turbopkg tool to update their systems.

The same versions of Turbolinux Server, Advanced Server and Workstation are also affected by a vulnerability in Perl, a high-level programming language. Attackers exploiting the flaw could inject web script that runs in a visitor's browser, Turbolinux said. Again, Turbolinux advises users to repair their systems with the turbopkg tool.
