Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

[CLA-2002:514] Conectiva Linux Security Announcement - sendmail

From: secure () conectiva com br
Date: Mon, 5 Aug 2002 15:17:17 -0300
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
CONECTIVA LINUX SECURITY ANNOUNCEMENT 
- --------------------------------------------------------------------------

PACKAGE   : sendmail
SUMMARY   : Local Denial of Service
DATE      : 2002-08-05 14:57
ID        : CLA-:-1
RELEVANT
RELEASES  : 6.0, 7.0, 8

- -------------------------------------------------------------------------

DESCRIPTION
 Sendmail is a widely used Mail Transfer Agent (MTA).
 
 As publicized[1] by lumpy  and reported in the
 sendmail website, a local user can stop the mail service (in the
 sense of "freezing" some operations) by holding an exclusive reading
 lock on some specific sendmail files (using a system call like
 flock()). In order to do that, the user must have permission to read
 the file. One example of such a file is /var/log/sendmail.st, which
 is world readable by default.
 
 By exploiting this vulnerability, a malicious local user can delay
 (for an undetermined amount of time) the e-mail delivery, thus
 characterizing a Denial of Service (DoS) attack.


SOLUTION
 The current solution is to allow only root and users belonging to the
 mail group to read the files which are written by sendmail and its
 utilities (like newaliases).
 
 In order to do so, just run the following commands (as root user):
 
  chmod 0640 /etc/mail/*.db
  chmod 0640 /var/log/sendmail.st
 
 The given change does not affect the sendmail functionality and is
 the recommended procedure for all users.
 
 It is possible to obtain a list of users and programs which are
 acessing some file (and possibly locking it) with the lsof command,
 as seen in the example below:
 
  lsof /var/log/sendmail.st
 
 
 REFERENCES:
 1.http://www.sendmail.org/LockingAdvisory.txt
 2.http://distro.conectiva.com.br/bugzilla/show_bug.cgi?id=6350


- -------------------------------------------------------------------------
All our advisories and generic update instructions can be viewed at
http://distro.conectiva.com.br/atualizacoes/?idioma=en

- -------------------------------------------------------------------------
subscribe: conectiva-updates-subscribe () papaleguas conectiva com br
unsubscribe: conectiva-updates-unsubscribe () papaleguas conectiva com br
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9Tr5F42jd0JmAcZARAsuqAJ9pcuoM592BRwGkBDEizLsbXcdAxgCgwz1V
8XwS24aCWX8LVMdWYANMNLA=
=GYjp
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: