Internet Security Systems Warns Of Serious Sendmail E-Mail Vulnerability

Posted on March 4th, 2003 | by

Security researchers from Internet Security Systems’ X-Force group are warning of a critical vulnerability within Sendmail. According to ISS, all versions of the widely used E-mail application from 5.2 on are vulnerable to a potential buffer-overflow attack.

In its alert, Internet Security Systems says vulnerable E-mail systems could experience, if attacked, everything from extremely low performance to "complete unresponsiveness." Data integrity of incoming and outgoing E-mail could also be compromised, it warns. If exploited, a lot of Internet communication could be disrupted, including emergency services and telecommunication systems worldwide.

Sendmail is pervasive, and the vulnerability can be exploited remotely to gain root, or superuser, access, meaning the attacker could do anything to a vulnerable server that an administrator would be able to do. Security researchers say a hacker could also attack the vulnerability from within an E-mail message without having to know anything specific about the targeted system’s configuration.

According to the alert, security applications such as firewalls and packet filters won’t be able to protect users from attack against this vulnerability. It’s estimated that up to 75% of all Internet E-mail traffic flows through systems that run Sendmail.

ISS says the software vulnerability occurs when Sendmail uses a Simple Mail Transfer Protocol transaction and attempts to evaluate whether E-mail addresses, or lists of addresses, within the "To," "From," and "cc:" fields are valid.

Sendmail Inc. and the Sendmail Consortium say Sendmail 8.12.8, which contains a fix for this critical vulnerability, is available. Users are urged to upgrade to this latest version or to apply patches to older versions, which are available at http://www.sendmail.org/.
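A triage sketch for the upgrade advice above, added here as an example and not taken from the article, ISS, or Sendmail: it reads the version from an SMTP greeting banner and compares it with the 5.2 and 8.12.8 boundaries the article names. The banner strings are constructed samples and the result labels are hypothetical; a patched older release still reports its old version and a banner can be altered, so anything in the affected range is marked for a manual patch check rather than declared vulnerable.

```python
import re

# Version boundaries as stated in the article.
FIRST_AFFECTED = (5, 2)   # "all versions ... from 5.2 on"
FIXED = (8, 12, 8)        # release that contains the fix

# Version token in a typical Sendmail greeting, e.g.
# "220 host ESMTP Sendmail 8.12.6/8.12.6; <date>"
_BANNER = re.compile(r"\bSendmail\s+(\d+(?:\.\d+)+)", re.IGNORECASE)


def parse_version(banner):
    """Return the Sendmail version in a banner as a tuple of ints, or None."""
    match = _BANNER.search(banner)
    if match is None:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def triage(banner):
    """Classify one banner. Labels are hypothetical names for this example."""
    version = parse_version(banner)
    if version is None:
        return "unknown"        # not Sendmail, or banner hidden/customised
    if version >= FIXED:
        return "fixed-release"
    if version >= FIRST_AFFECTED:
        # Affected range. A vendor patch does not change the reported
        # version, so this needs a manual check, not a verdict.
        return "check-patch"
    return "outside-range"      # older than the range the article names


def triage_all(banners):
    """Map each banner string to its triage label."""
    return {banner: triage(banner) for banner in banners}


# Constructed sample banners (not captured from real hosts).
SAMPLE_BANNERS = [
    "220 mx1.example.org ESMTP Sendmail 8.12.6/8.12.6; Tue, 4 Mar 2003 10:00:00 -0500",
    "220 mx2.example.org ESMTP Sendmail 8.12.8/8.12.8; Tue, 4 Mar 2003 10:00:01 -0500",
    "220 mx3.example.org ESMTP Sendmail 8.11.6+Sun/8.11.6; Tue, 4 Mar 2003 10:00:02 -0500",
    "220 mx4.example.org ESMTP ready",
]

if __name__ == "__main__":
    for banner, label in triage_all(SAMPLE_BANNERS).items():
        print(f"{label:14} {banner}")
```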

"SMTP is the foundation for Internet E-mail," says Pete Lindstrom, research director at SpireSecurity. "If you haven’t already begun doing so, now is a good time to begin hardening these systems."

Read the Full Article: InformationWeek
