- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Sendmail Vulnerability
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-24-2011 11:51 PM
тАО01-24-2011 11:51 PM
Sendmail Vulnerability
Issue details:
We are using Sendmail to receive incoming mails to SAP application. We have received Security Alert for sendmail from security team.
Alert: There is a bug in sendmail that can allow any body to send a crafted email with code that can give them root access.
we have sendmail version 8.13.34 loaded in 11.31.
)#what /usr/sbin/sendmail | grep version
Sendmail version 8.13.3 - Revision 1.003:: HP-UX11.31 - 8th December,2008
)#swlist -l product | grep -i send
Sendmail C.8.13.3.4 Mail Transfer Protocol daemons and utilities
Does this version still have this bug or do I need to update it to 8.13.3.5 as per the reference given below
https://h20392.www2.hp.com/portal/swdepot/displayInstallInfo.do?productNumber=SMAIL813
https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL813
Kindly help me with your inputs...
Thanks in Advance.
- Tags:
- sendmail
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-25-2011 06:13 AM
тАО01-25-2011 06:13 AM
Re: Sendmail Vulnerability
This should answer all of your questions.
Rick
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-25-2011 06:13 AM
тАО01-25-2011 06:13 AM
Re: Sendmail Vulnerability
So anything from this version...on will have the fix.
Regards,
Rita
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-25-2011 09:46 AM
тАО01-25-2011 09:46 AM
Re: Sendmail Vulnerability
Or if you BUILD your own Sendmail, always build from the latest Sendmail.Org sources.
Favourite Toy:
AMD Athlon II X6 1090T 6-core, 16GB RAM, 12TB ZFS RAIDZ-2 Storage. Linux Centos 5.6 running KVM Hypervisor. Virtual Machines: Ubuntu, Mint, Solaris 10, Windows 7 Professional, Windows XP Pro, Windows Server 2008R2, DOS 6.22, OpenFiler
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-28-2011 01:45 AM
тАО01-28-2011 01:45 AM
Re: Sendmail Vulnerability
As per your suggestion the tests are sucessful. We shall decide on updating it to the latest version.