I know this is not list specific, but I also know many of you are
running your lists on sendmail MTAs.
http://www.sendmail.com/security/
SECURITY ALERT
Today Internet Security Systems and the Sendmail Consortium announced the
discovery of a security vulnerability in the sendmail mail transfer agent.
This vulnerability is serious, and Sendmail, Inc. urges customers to
apply the supplied security patch as soon as possible.
The vulnerability derives from a potential buffer overflow in sendmail's
header handling code. In a worst-case scenario, the vulnerability
provides the ability for an attacker to remotely gain root access to
the targeted system.
While there have been no known exploits of this vulnerability to this
point, we believe that unpatched systems could become exploitable
very soon.
--
/ \__ | Richard Rognlie / Sendmail Ninja / Gamerz.NET Lackey
\__/ \ | http://www.gamerz.net/rrognlie/ <rrognlie@gamerz.net>
/ \__/ | Today is the first day of the rest of your life. Of course,
\__/ | so was yesterday, and look how you screwed *that* up...
|
|
