Showing results for 
Search instead for 
Did you mean: 

Sendmail and Linux Bug

Berlene Herren
Honored Contributor

Sendmail and Linux Bug

Sendmail Workaround for Linux Capabilities Bug

The Sendmail Consortium and Sendmail, Inc. has been informed of a serious problem in the Linux kernel that can be used to get root
access. This is not a sendmail security problem, although sendmail is one of the vectors for this attack.


There is a bug in the Linux kernel capability model for versions
through 2.2.15 that allows local users to get root. Sendmail is one of the programs that can be attacked this way. This problem
may occur in other capabilities-based kernels.


The correct fix is to update your Linux kernel to version 2.2.16. This is the only way to ensure that other programs
running on Linux cannot be attacked by this bug.