Security Alert
Advisory for the sendmail Remote Buffer Overflow Vulnerability
Why the Alert?
On March 3rd, 2003, the CERT Coordination Center disclosed a remotely exploitable vulnerability in sendmail, the world's most popular open source email server. Successful exploitation of this sendmail vulnerability can allow attackers to gain root or administrator privileges on computers running vulnerable versions of sendmail in daemon mode.
What Systems are Vulnerable?
- Computers running any open source sendmail version prior to 8.12.8 in daemon mode
- Computers running commercial versions of Sendmail Pro (all versions), Sendmail for NT (2.x prior to 2.6.2 and 3.0 prior to 3.0.3), or Sendmail Switch (2.1 prior to 2.1.5, 2.2 prior to 2.2.5, and 3.0 prior to 3.0.3)
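The version ranges above can be applied mechanically to an inventory of collected version strings. The following is an added example, not part of the NetIQ advisory or its products; the product keys, the assumed input formats (an SMTP greeting banner or a `Version x.y.z` line) and the sample hosts are constructed for illustration.

```python
import re

# Ranges transcribed from the advisory's "What Systems are Vulnerable?" list.
# Each entry is (branch prefix, first fixed version); an empty prefix matches
# every branch, and a fixed version of None means all versions are affected.
AFFECTED = {
    "sendmail": [((), (8, 12, 8))],
    "sendmail pro": [((), None)],
    "sendmail for nt": [((2,), (2, 6, 2)), ((3, 0), (3, 0, 3))],
    "sendmail switch": [((2, 1), (2, 1, 5)), ((2, 2), (2, 2, 5)), ((3, 0), (3, 0, 3))],
}
VERSION_RE = re.compile(r"(?:Sendmail|Version)\s+(\d+(?:\.\d+)+)", re.IGNORECASE)


def parse_version(text):
    """Pull a dotted version out of a banner or version line; None if absent."""
    m = VERSION_RE.search(text)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None


def classify(product, text):
    """Return 'vulnerable', 'not listed' or 'unknown' for one host's version text."""
    ranges = AFFECTED.get(product.lower())
    if ranges is None:
        return "unknown"          # product not covered by the advisory's list
    if any(fixed is None for _, fixed in ranges):
        return "vulnerable"       # advisory lists all versions of this product
    version = parse_version(text)
    if version is None:
        return "unknown"          # no version visible: verify on the host itself
    for prefix, fixed in ranges:
        if version[:len(prefix)] == prefix and version < fixed:
            return "vulnerable"
    return "not listed"           # outside every range the advisory names


# Constructed sample inventory: (host, product, version text as collected).
SAMPLE = [
    ("mx1", "sendmail", "220 mx1.example.com ESMTP Sendmail 8.12.6/8.12.6; Mon, 3 Mar 2003"),
    ("mx2", "sendmail", "Version 8.12.8"),
    ("nt1", "Sendmail for NT", "Version 2.6.1"),
    ("sw1", "Sendmail Switch", "Version 3.0.3"),
    ("sw2", "Sendmail Switch", "Version 2.2.4"),
    ("old", "sendmail", "220 old.example.com ESMTP ready"),
]

if __name__ == "__main__":
    for host, product, text in SAMPLE:
        print(f"{host:4} {product:16} {classify(product, text)}")
```

Hosts reported as `unknown` hide or lack a version string and need a direct check; the result says nothing about whether sendmail is running in daemon mode, which the advisory also requires for exposure.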
Immediate Action from NetIQ?
The VITAL Security Advisory helps you identify vulnerable computers using Security Analyzer and VigilEnt Security Manager from NetIQ. This VITAL Security Advisory also helps you plan the sendmail upgrade in a way that minimizes the likelihood of a successful attack during the interim.



