
Sendmail vulnerable to DoS attacks

The popular open-source mail transfer agent Sendmail contains a remotely triggerable vulnerability that can crash a mail-handling process. Also, Turbolinux has warned of flaws in GNOME and Perl.

Several versions of the popular open-source mail transfer agent Sendmail are vulnerable to remote denial-of-service attacks, according to an alert issued by the FreeBSD Project.

Sendmail versions 8.12.0 through 8.12.8 are vulnerable through the code that implements DNS (domain name system) maps. An attacker who sends a malformed DNS reply packet can cause Sendmail to call free() on an uninitialized pointer, which would crash the Sendmail child process handling that lookup, FreeBSD said in its advisory.

Sendmail ships with many Linux and Unix distributions and is widely deployed in enterprises. Administrators are urged to upgrade to Sendmail 8.12.9 or apply a patch available at or from their distributors.

No workarounds are available, the alert said.

"It may also be possible for an attacker to somehow influence the value of the 'uninitialized pointer' and cause an arbitrary memory chunk to be freed. This could further lead to some other exploitable vulnerability, although no such cases are known at this time," FreeBSD said.
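The bug class described in the two paragraphs above, a pointer that is only assigned on the success path but freed on every path, is easy to reproduce in a small parser. The following is an added illustration, not Sendmail's code and not the real DNS wire format: the reply layout is a constructed stand-in (answer count, record type, RDLENGTH, RDATA), and the function names parse_answer_vulnerable and parse_answer_fixed are hypothetical. The first function shows the flaw; the second shows the fix of initialising the pointer before any path can fail, so the cleanup path only ever frees NULL or memory the function itself owns.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One parsed resource record; `data` is a heap copy of RDATA. */
struct dns_answer {
    uint16_t type;
    size_t   len;
    char    *data;
};

/* Toy reply layout assumed here (constructed for this example, not real DNS):
 *   byte 0     answer count (must be 1)
 *   bytes 1-2  RR type, big-endian
 *   byte 3     RDLENGTH
 *   bytes 4..  RDATA, RDLENGTH bytes
 * Both parsers return 0 on success and -1 on a malformed reply. */

/* Vulnerable pattern (hypothetical): out->data is only assigned after the
 * input has been validated, yet every failure path runs free(out->data),
 * so a malformed reply frees whatever garbage the caller's struct held.
 * Never call this with a malformed reply; the behaviour is undefined. */
int parse_answer_vulnerable(const uint8_t *pkt, size_t pktlen,
                            struct dns_answer *out)
{
    size_t rdlen;

    if (pktlen < 4 || pkt[0] != 1)
        goto fail;                          /* header missing or no answer */
    rdlen = pkt[3];
    if (pktlen < 4 + rdlen)
        goto fail;                          /* RDATA truncated */
    out->type = (uint16_t)((pkt[1] << 8) | pkt[2]);
    out->len  = rdlen;
    out->data = malloc(rdlen ? rdlen : 1);
    if (out->data == NULL)
        goto fail;
    memcpy(out->data, pkt + 4, rdlen);
    return 0;
fail:
    free(out->data);                        /* BUG: may be uninitialised */
    return -1;
}

/* Fixed pattern: put the struct in a known state first. free(NULL) is a
 * no-op, so the shared cleanup path is safe on every route to `fail`. */
int parse_answer_fixed(const uint8_t *pkt, size_t pktlen,
                       struct dns_answer *out)
{
    size_t rdlen;

    out->type = 0;
    out->len  = 0;
    out->data = NULL;

    if (pktlen < 4 || pkt[0] != 1)
        goto fail;
    rdlen = pkt[3];
    if (pktlen < 4 + rdlen)
        goto fail;
    out->data = malloc(rdlen ? rdlen : 1);
    if (out->data == NULL)
        goto fail;
    memcpy(out->data, pkt + 4, rdlen);
    out->type = (uint16_t)((pkt[1] << 8) | pkt[2]);
    out->len  = rdlen;
    return 0;
fail:
    free(out->data);
    out->data = NULL;                       /* no dangling pointer for the caller */
    return -1;
}

/* Constructed well-formed reply: one A record carrying 10.0.0.1.
 * Returns 1 if the fixed parser extracts it correctly. */
int check_good_reply(void)
{
    const uint8_t good[] = { 1, 0x00, 0x01, 4, 10, 0, 0, 1 };
    struct dns_answer a;
    int ok = parse_answer_fixed(good, sizeof good, &a) == 0 &&
             a.type == 1 && a.len == 4 &&
             memcmp(a.data, "\x0a\x00\x00\x01", 4) == 0;
    free(a.data);
    return ok;
}

/* Constructed malformed reply: RDLENGTH claims 10 bytes, packet carries 2.
 * The struct is pre-filled with a garbage pointer, as an uninitialised
 * field might hold; the fixed parser must reject the reply and leave
 * data == NULL without ever freeing the garbage. Returns 1 on success. */
int check_malformed_reply(void)
{
    const uint8_t bad[] = { 1, 0x00, 0x01, 10, 'a', 'b' };
    struct dns_answer a;
    a.data = (char *)0x1;
    return parse_answer_fixed(bad, sizeof bad, &a) == -1 && a.data == NULL;
}

int main(void)
{
    printf("good reply parsed: %d\n", check_good_reply());
    printf("malformed reply rejected: %d\n", check_malformed_reply());
    return 0;
}
```

The second function is also what the FreeBSD quote above is getting at: with the vulnerable pattern, whatever value happens to sit in the uninitialised field is what gets passed to free(), and if an attacker can influence that value the crash becomes a controlled free of an arbitrary heap chunk.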

SuSE Linux AG, Nuremberg, Germany, warned that versions 8.0, 8.1 and 8.2 of SuSE Enterprise Server 8 contain vulnerable versions of Sendmail.

Two warnings from Turbolinux

Turbolinux, a leading Linux distributor in Asia, issued a security alert this week warning enterprises of multiple vulnerabilities in the GNOME Display Manager (GDM) and a cross-site scripting vulnerability in Perl.

GDM contains a flaw in its handling of the X Display Manager Control Protocol (XDMCP), which is enabled by default; an attacker exploiting this flaw could crash a system, Turbolinux said. The company also warned of a second flaw: the "examine session errors" feature reads the user's session error log while GDM is running as root, without checking whether that log has been replaced by a symlink. A local user can therefore create a symlink in place of the log and read any text file on the system, the advisory said.
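The symlink problem above is a general one for any privileged process that opens a file in a user-controlled location. The following is an added example, not GDM's code: open_user_log is a hypothetical hardened open that refuses symlinks with O_NOFOLLOW and then checks, on the opened descriptor, that the target is a plain regular file with a single link and the expected owner. demo_symlink_rejected plants a symlink in a scratch directory under /tmp (standing in for a symlink from ~/.xsession-errors to a file the user should not read) and shows that a naive open() follows it while the hardened open refuses it.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hardened open for a per-user file read by a privileged process.
 * Refuses symlinks (O_NOFOLLOW), non-regular files, hard links
 * (st_nlink > 1) and files not owned by the expected user. The checks run
 * on the descriptor via fstat, so there is no lstat-then-open race.
 * Returns an fd, or -1 with errno set. */
int open_user_log(const char *path, uid_t expected_owner)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NOCTTY);
    if (fd < 0)
        return -1;                  /* symlink: open fails (ELOOP on Linux) */
    if (fstat(fd, &st) != 0) {
        close(fd);
        return -1;
    }
    if (!S_ISREG(st.st_mode) || st.st_nlink != 1 || st.st_uid != expected_owner) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Demonstration with constructed files: a genuine log, a "secret" file
 * standing in for something like /etc/shadow, and a symlink planted where
 * the log is expected. Returns 1 when the naive open follows the link but
 * the hardened open refuses it and still accepts the genuine log. */
int demo_symlink_rejected(void)
{
    char dir[] = "/tmp/gdm-demo-XXXXXX";
    char real[256], secret[256], link[256];
    int ok = 0;
    FILE *f;

    if (mkdtemp(dir) == NULL)
        return 0;
    snprintf(real,   sizeof real,   "%s/xsession-errors", dir);
    snprintf(secret, sizeof secret, "%s/secret", dir);
    snprintf(link,   sizeof link,   "%s/planted-link", dir);

    if ((f = fopen(real, "w")) != NULL)   { fputs("X error: demo\n", f); fclose(f); }
    if ((f = fopen(secret, "w")) != NULL) { fputs("root:hash\n", f);     fclose(f); }

    if (symlink(secret, link) == 0) {
        int naive_fd = open(link, O_RDONLY);            /* follows the link */
        int real_fd  = open_user_log(real, getuid());   /* genuine log: ok */
        int link_fd  = open_user_log(link, getuid());   /* planted link: refused */
        ok = naive_fd >= 0 && real_fd >= 0 && link_fd < 0;
        if (naive_fd >= 0) close(naive_fd);
        if (real_fd  >= 0) close(real_fd);
        if (link_fd  >= 0) close(link_fd);
    }
    unlink(link); unlink(secret); unlink(real); rmdir(dir);
    return ok;
}

int main(void)
{
    printf("naive open follows symlink, hardened open refuses it: %d\n",
           demo_symlink_rejected());
    return 0;
}
```

Refusing the file is the right default here: a display manager has no reason to follow a link out of the user's home directory, and dropping privileges (or opening as the user) before the read removes the problem entirely rather than relying on the checks.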

Turbolinux Server versions 6.1, 6.5, 7 and 8 are affected, as are Advanced Server 6 and Workstation versions 6.0, 7 and 8. The vendor advises administrators to use the turbopkg tool to update their systems.

The same versions of Turbolinux Server, Advanced Server and Workstation are also affected by a vulnerability in Perl, the high-level programming language. An attacker exploiting the flaw could inject script into Web pages generated by vulnerable Perl code and have it run in a visitor's browser (cross-site scripting), Turbolinux said. Again, the company advises users to repair their systems with the turbopkg tool.
