topic Sendmail and Linux Bug in Operating System - Linux https://community.hpe.com/t5/operating-system-linux/sendmail-and-linux-bug/m-p/2425545#M80784 <BR /><BR />Sendmail Workaround for Linux Capabilities Bug<BR /><BR />The Sendmail Consortium and Sendmail, Inc. has been informed of a serious problem in the Linux kernel that can be used to get root<BR />access. This is not a sendmail security problem, although sendmail is one of the vectors for this attack.<BR /><BR />PROBLEM<BR /><BR />There is a bug in the Linux kernel capability model for versions<BR />through 2.2.15 that allows local users to get root. Sendmail is one of the programs that can be attacked this way. This problem<BR />may occur in other capabilities-based kernels.<BR /><BR />SOLUTION<BR /><BR />The correct fix is to update your Linux kernel to version 2.2.16. This is the only way to ensure that other programs<BR />running on Linux cannot be attacked by this bug.<BR /><BR />FYI <BR />Berlene Thu, 08 Jun 2000 17:25:20 GMT Berlene Herren 2000-06-08T17:25:20Z Sendmail and Linux Bug https://community.hpe.com/t5/operating-system-linux/sendmail-and-linux-bug/m-p/2425545#M80784 <BR /><BR />Sendmail Workaround for Linux Capabilities Bug<BR /><BR />The Sendmail Consortium and Sendmail, Inc. has been informed of a serious problem in the Linux kernel that can be used to get root<BR />access. This is not a sendmail security problem, although sendmail is one of the vectors for this attack.<BR /><BR />PROBLEM<BR /><BR />There is a bug in the Linux kernel capability model for versions<BR />through 2.2.15 that allows local users to get root. Sendmail is one of the programs that can be attacked this way. This problem<BR />may occur in other capabilities-based kernels.<BR /><BR />SOLUTION<BR /><BR />The correct fix is to update your Linux kernel to version 2.2.16. This is the only way to ensure that other programs<BR />running on Linux cannot be attacked by this bug.<BR /><BR />FYI <BR />Berlene Thu, 08 Jun 2000 17:25:20 GMT https://community.hpe.com/t5/operating-system-linux/sendmail-and-linux-bug/m-p/2425545#M80784 Berlene Herren 2000-06-08T17:25:20Z