Sendmail vulnerabilities

Summary

Assorted sendmail vulnerabilities.

The problems

Note: this text was adapted from Cert Advisory CA-95:05 of February 22, 1995.

With almost every sendmail version that was built before February 1995, a malicious user can gain unauthorized privileges by exploiting newlines in command-line arguments or in the process environment. Intruders need to have access to an account on your system to exploit this problem.

In addition, pre-8.6.10 versions of sendmail that support IDENT (RFC 1413) functionality have a problem that could allow an intruder to gain unauthorized access to your system remotely (that is, without having access to an account on the system).

Fix

Replace sendmail by a more recent version, for example from ftp.cs.berkeley.edu:/ucb/sendmail, or use a corrected version from your vendor.
Contact your vendor for information on how to get the latest fixed/patched versions of sendmail.
Consult Cert Advisory CA-95:05 for more information.

Other tips

See the Admin Guide to Cracking for an example of why this is a problem.