Re: saslauthd for sendmail SMTP relay

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Bernd Bartmann wrote:

It did start without any problems. Looks like I found the cause. From
the logs I see that someone tried a brute force attach on the SMTP
relay with several username / password combinations. Then one of the
attempts lead to a segfault of saslauth. Which probably means that
there is a bug in saslauthd as it should not be possible to crash a
service just by suppling a "weird" comibination of input data.
Sounds to me like you should consider running SELinux - that is if you aren't already :-) . Of course it won't solve the segfault, but it should restrict any damage a compromised saslauthd process can do. 

Anyway, glad you're on track again.

Ian

<<attachment: smime.p7s>>

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux