Sendmail has released an advisory related to a vulnerability in
all versions of sendmail 8 previous to 8.13.6 of this popular MTA. The advisory includes the commercial versions of products using sendmail. http://www.sendmail.com/company/advisory/ and it has CVE entry CVE-2006-0058 Impact: the attacker could run arbitrary commands. Mitigation: upgrade to 8.13.6, apply the patch, or setting the RunAsUser option in the configuration file. This one looks bad. Update: as more information becomes available this is starting too look worse. Patch or upgrade NOW! Cheers, Adrien |
Adrien de Beaupre 353 Posts ISC Handler Mar 22nd 2006 |
Thread locked Subscribe |
Mar 22nd 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!