topic Re: sendmail 8.11.1 in Operating System - HP-UX

sendmail 8.11.1

Peter Gillis — Fri, 15 Aug 2003 00:13:40 GMT

Hi, (op sys ux 11.00)
Have upgraded to sendmail 8.11.1. but appear still to be vulnerable to the remote buffer overflow problem. Have the following patches loaded: PHKL_18799 PHNE_17190 PHNE_24419 PHNE_26304 AND SMAIL-811. Am I still missing something?
Also, is there a way to disable the use of smrsh in sendmail?

Thanks, Maria.

Re: sendmail 8.11.1

Paulo A G Fessel — Fri, 15 Aug 2003 13:09:18 GMT

Unless you have very specific features enabled in sendmail, I think it's interesting that you consider changing your mail system to Postfix. It's absolutely safer than sendmail, understands sendmail's configuration files and is faster and lighter than sendmail.

The link for Postfix is http://www.postfix.org. Binaries for HP-UX and other information can be found at http://www.stahl.bau.tu-bs.de/~hildeb/postfix.

HTH
Paulo Fessel

Re: sendmail 8.11.1

Mark Greene_1 — Fri, 15 Aug 2003 14:32:56 GMT

Go here:

http://www.software.hp.com/ISS_products_list.html

And download security_patch_check and run it once a week or so. Be sure to always run it with the -r option to refresh the catalog.

mark

Re: sendmail 8.11.1

Jairo Campana — Fri, 15 Aug 2003 14:48:15 GMT

SMRSH IN SENDMAIL
If Sendmail is using smrsh, then the only programs that can be executed are those under the /etc/smrsh/ directory. Perhaps the best solution to run the wrapper from the aliases file is to create a symbolic link from /etc/smrsh/wrapper to /usr/local/majordomo-1.94.5/wrapper. [root@kes smrsh]# ln -s /usr/local/majordomo-1.94.5/wrapper wrapper

A second solution is to actually move the wrapper into the /etc/smrsh/ directory. [root@kes smrsh]# mv /usr/local/majordomo-1.94.5/wrapper ./

If security is not a major concern, the secure shell can be disabled. One fairly crude method is simply to delete /usr/sbin/smrsh and copy or link /bin/sh in its place. [root@kes sbin]# rm -f smrsh
[root@kes sbin]# ln -s /bin/sh smrsh

A better (but more difficult) method is to edit sendmail.cf. Change the reference from /usr/sbin/smrsh Mprog, P=/usr/sbin/smrsh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/,
T=X-Unix,
A=sh -c $u

to /bin/sh Mprog, P=/bin/sh, F=lsDFMoqeu9, S=10/30, R=20/40, D=$z:/,
T=X-Unix,
A=sh -c $u

Advantage: This will prevent this class of vulnerability being
exploited on your system without requiring a new version of
sendmail(8) to be installed. Mailing to unauthorised programs
will no longer work.
Disadvantage: If a program is not authorised by smrsh, any attempt
to use it via mail will cause an error reply to be generated.
System administrators should check their aliases and all
.forward files for any configuration that mails to a program.
These configurations will generate an error reply on every
message mailed if that program is not authorised for use by smrsh.
If the .forward file contains something similar to:
\user, "| /usr/ucb/vacation user"
then mail will still be delivered to "user", but an error reply
(not the vacation message) will be returned to the sender if
vacation is not authorised for use by smrsh.