This was reported by Dan Ingevaldson, team leader of X-Force research and development at ISS, who first discovered the vulnerability. http://www.linuxworld.com/go.cgi?id=741963
"What makes the new vulnerability particularly pernicious is that attackers would need to know little about the server they were attacking other than its Internet address. It's quite a dangerous vulnerability because an exploit could be contained in the e-mail message itself. The attacker doesn't need to set up an elaborate system to launch the attack. They could just send an e-mail message to a server, and if the server is vulnerable the attack would be launched.
The combination of freely visible source code, a severe and remotely exploitable vulnerability, and an enormous installed base of vulnerable servers make the new Sendmail vulnerability an extremely high-value target for the hacking community, according to Ingevaldson.
That means that it is critical for affected organizations to patch their servers.
Once an exploit is published, all bets are off. The window of vulnerability has decreased. there have been some very robust powerful exploits released within a few months of the exploit being published, so if patching was not a big deal before, it is now."
Steven E Protter Owner of ISN Corporation http://isnamerica.com http://hpuxconsulting.com Sponsor: http://hpux.ws Twitter: http://twitter.com/hpuxlinux Founder http://newdatacloud.com
Any flavor of Unix needs to be patched. the group "LSD" has proven Tuesday to break into Redhat and Debian so far. All relevant patches are now available at:
Of course BSD and others also have patches avail, just do not have the links right here in front of me. I have seen that SuSE, Redhat, Connectiva, and Mandrake have these on thier FTPs now.
