Page 1 of 1

Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there'

Posted: 2006/12/06 00:17:08
by static
Im using sendmail 8.13.1-3.RHEL4.5, because that is the latest version in CentOS official mirrors.
And until this day, there is no updates for it. Аt the same time this version si vulnerable for [url=http://securitydot.net/xpl/exploits/vulnerabilities/articles/1186/exploit.html]Sendmail <= 8.13.5 Remote Signal Handling Exploit PoC[/url]
Please update your packages.

Re: Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there's no updates!

Posted: 2006/12/06 22:38:20
by NedSlider
https://www.redhat.com/advice/speaks_backport.html

If you check the source, I suspect you'll find the patch was back ported into the version you have.

Re: Vulnerability in sendmail 8.13.1-3.RHEL4.5, but still there's no updates!

Posted: 2006/12/07 16:40:19
by static
OMG!
Actually i was DoSed by that thing.
If you don't beliеve me, try it on your box by yourself :)