No subject

Mail sent Mon, 1 Oct 2001 11:57:12 -0400 (EDT)
Reply to lcamtuf at echelon.pl

RAZOR Advisory: Multiple Local Sendmail Vulnerabilities
=======================================================

Author: Michal Zalewski <lcamtuf at razor.bindview.com>
Release Date: 10/01/2001

Assigned CVE numbers: CAN-2001-0713, CAN-2001-0714, CAN-2001-0715

Topic:
------

The Sendmail mail delivery subsystem is vulnerable to multiple local
attacks that lead to information loss, information leaks and mail system
compromise.

Affected Systems:
-----------------

The mail system privileges compromise affects Sendmail 8.12.0. Other
problems affect all versions up to 8.12.0.

Vulnerability 1: Mail System Compromise -- CAN-2001-0713
--------------------------------------------------------

Sendmail 8.12.0, in its default installation, no longer uses a setuid
root binary to manipulate the mail queue and submit mail. This security
enhancement is supposed to minimize the potential impact of local Sendmail
vulnerabilities. The new Sendmail binary is setgid smmsp, where smmsp is a
special group with read-write queue access permissions.


