Note: This is an archival copy of Security Sun Alert 200777 as previously published on http://sunsolve.sun.com. The latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000594.1.
Category: Security
Release Phase: Resolved
Bug ID: 4826559, 16402
Date of Workaround Release: 06-MAR-2003
Date of Resolved Release: 02-JUN-2003

Impact

A local or remote unprivileged user may be able to gain unauthorized root access or cause a Denial of Service (DoS) due to a buffer overflow in the sendmail(1M) daemon. This is described in ISS Security Bulletin 21950, available from http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950. This issue is also described in CERT Vulnerability VU#398025 (see http://www.kb.cert.org/vuls/id/398025), which is referenced in CERT Advisory CA-2003-07 (see http://www.cert.org/advisories/CA-2003-07.html).

Sun acknowledges with thanks Internet Security Systems (ISS) (http://www.iss.net) for bringing this issue to our attention.

Please note that:

For more information see:
Contributing Factors

This issue can occur in the following releases:

Linux

Note: Sun Linux 5.0 is currently shipped with the Sun LX50 Server.

Cobalt
Note: By default, all systems are potentially vulnerable to this issue. Systems are vulnerable if they have a sendmail daemon running. This can be confirmed by the following command:

    $ /bin/ps xa | grep sendmail

Symptoms

There are no reliable symptoms that would show the described issue has been exploited to gain unauthorized root access to a system. The denial of service symptom would show that sendmail is no longer running. If the sendmail(1M) daemon is no longer running, the system may have encountered the described issue. The following command can be executed to check if the sendmail(1M) daemon is running on the system:

    $ /bin/ps xa | grep sendmail

Workaround

Until patches can be applied, sites may wish to block access to the affected service from untrusted networks such as the Internet, or disable the daemon where possible. Use a firewall or other packet-filtering technology to block the appropriate network ports. Consult your vendor or your firewall documentation for detailed instructions on how to configure the ports.

To disable sendmail(1M), the following command can be executed as root:

    # /etc/init.d/sendmail stop

Note: This will prevent e-mail messages from being received on the system until sendmail(1M) is started again with the command:

    # /etc/init.d/sendmail start

Resolution

This issue is addressed in the following releases:

Linux

Instructions for downloading the Linux packages can be found in 1234813.1 in MyOracleSupport.

Cobalt

Instructions for downloading the Cobalt packages can also be found in 1234813.1 in MyOracleSupport.

Modification History

Date: 07-MAR-2003

Date: 02-JUN-2003
Product: Sun Linux 5.0
olaf.reineke@sun.com
Buffer Overflow
Attachments: This solution has no attachment
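The daemon check given in the Symptoms and Workaround sections pipes ps(1) output through grep, which also matches the grep process itself and any command line that merely mentions sendmail (for example an editor open on sendmail.cf). The following POSIX shell check is an added example, not part of the original Sun Alert: it inspects only the command field of a `ps xa` listing, so the answer reflects the daemon alone. The two listings embedded in it are constructed samples, not output captured from a real host.

```shell
#!/bin/sh
# Added example, not from the Sun Alert: decide from a `ps xa` listing whether
# a sendmail(1M) daemon is running. The listings below are constructed samples.

SAMPLE_PS_RUNNING='  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:04 init [3]
  512 ?        S      0:00 sendmail: accepting connections
  640 pts/0    S      0:00 grep sendmail'

SAMPLE_PS_STOPPED='  PID TTY      STAT   TIME COMMAND
    1 ?        S      0:04 init [3]
  700 pts/0    S      0:00 vi /etc/mail/sendmail.cf
  640 pts/0    S      0:00 grep sendmail'

# sendmail_daemon_lines: filter a `ps xa` listing on stdin down to sendmail
# daemon processes. Field 5 is the command; accept "sendmail",
# "/usr/lib/sendmail" or "sendmail:" (the daemon sets its process title to a
# status such as "sendmail: accepting connections"), so that "grep sendmail"
# and "vi .../sendmail.cf" are not counted as a running daemon.
sendmail_daemon_lines() {
    awk '$5 ~ /(^|\/)sendmail:?$/'
}

# sendmail_status: print RUNNING or STOPPED for the listing given as $1.
# STOPPED on a host that should be accepting mail is the DoS symptom the
# alert describes; RUNNING on an unpatched host means the workaround
# (stopping the daemon or filtering the port) is not in place.
sendmail_status() {
    if printf '%s\n' "$1" | sendmail_daemon_lines | grep -q .; then
        echo RUNNING
    else
        echo STOPPED
    fi
}

# Live use on the host being checked (Sun Linux and Cobalt use BSD-style ps):
#   sendmail_status "$(/bin/ps xa)"
```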