Re: Sendmail CVE-2009-4565 CERT

DShinn · ‎01-14-2010

Does anyone know what the plan is to address this CERT?

Thank-you,

Dorothy

Steven E. Protter · ‎01-14-2010

Shalom Dorothy,

HP addresses all important CERT warnings on sendmail.

The initial response is usually a replacement for the sendmail binary file. It is then followed up, sometimes much later with a new depot based release of sendmail.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

DShinn · ‎01-14-2010

Thank-you for the information! Probably the latest CERT will be addressed within a timely manner?

Mark Nierth · ‎02-18-2010

Hi Dorothy,
I opened a case with HP on this CVE last month and here is their response.

I looked into the new vulnerability, CVE-2009-4565. I checked with our Level 3 group and it is a new issue. A new Service Request was started for this vulnerability and a CR, QXCR1001004856 was created. They are working on a fix.

The Level 3 people did tell me that if not using TLS / STARTLS there is no possibility of an exploit.

As of yet, I haven't seen a fix yet.

Mark

DShinn · ‎02-18-2010

Mark,

Thank-you for posting the information! Will pass along this information to my management.

Thanks again!

Dorothy

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Sendmail CVE-2009-4565 CERT

Sendmail CVE-2009-4565 CERT