Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there's no updates!

Support for security such as Firewalls and securing linux
Post Reply
static
Posts: 4
Joined: 2006/12/05 23:30:04

Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there'

Post by static » 2006/12/06 00:17:08

Im using sendmail 8.13.1-3.RHEL4.5, because that is the latest version in CentOS official mirrors.
And until this day, there is no updates for it. Аt the same time this version si vulnerable for [url=http://securitydot.net/xpl/exploits/vulnerabilities/articles/1186/exploit.html]Sendmail <= 8.13.5 Remote Signal Handling Exploit PoC[/url]
Please update your packages.

NedSlider
Forum Moderator
Posts: 2890
Joined: 2005/10/28 13:11:50
Location: UK

Re: Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there's no updates!

Post by NedSlider » 2006/12/06 22:38:20

https://www.redhat.com/advice/speaks_backport.html

If you check the source, I suspect you'll find the patch was back ported into the version you have.

static
Posts: 4
Joined: 2006/12/05 23:30:04

Re: Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there's no updates!

Post by static » 2006/12/07 16:40:19

OMG!
Actually i was DoSed by that thing.
If you don't beliеve me, try it on your box by yourself :)

Post Reply

Return to “CentOS 4 - Security Support”