
Vulnerability Bulletins


Remote code execution in Sendmail

Vulnerability classification

Confidence level: Official
Impact: Gain access
Difficulty: Advanced
Attacker requirements: Remote access, without an account, to a standard service

System information

Affected vendor: GNU/Linux
Affected software: Sendmail 8.13.x <= 8.13.5
                   Sendmail 8.12.x <= 8.12.10

Description

A race-condition vulnerability has been discovered in Sendmail 8.13.x prior to 8.13.6 and 8.12.x prior to 8.12.11. The flaw is that the calls to the "setjmp" and "longjmp" functions can be interrupted, which makes it possible to modify memory locations.

A remote attacker could execute arbitrary code.
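The following C program is an added illustration of the flaw class named above; it is not Sendmail's code or its fix. It contrasts a timeout handler that longjmp()s out of code that is halfway through an update (leaving state inconsistent) with the async-signal-safe form that only sets a flag and acts on it at a checkpoint. The raise() calls at index stop_at are a constructed stand-in for an alarm firing mid-update.

```c
/* Added illustration, not Sendmail's code: a timeout handler that longjmp()s
 * out of code that is mid-update, beside the async-signal-safe flag form. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#define BUFSZ 64

static volatile sig_atomic_t in_update;  /* 1 while out[] is being rewritten */
static volatile sig_atomic_t timed_out;  /* set only by the safe handler */
static sigjmp_buf timeout_jmp;

/* Unsafe: jumps out of whatever was running, skipping its cleanup. */
static void unsafe_alarm_handler(int sig) { (void)sig; siglongjmp(timeout_jmp, 1); }
/* Safe: records the event; the interrupted code acts on it at a checkpoint. */
static void safe_alarm_handler(int sig) { (void)sig; timed_out = 1; }

static void install(void (*h)(int)) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = h;
    sigaction(SIGALRM, &sa, NULL);
}

/* Both copy in[] to out[] and raise SIGALRM at index stop_at to simulate a
 * timeout firing mid-copy (constructed). Return 1 on completion, 0 on timeout. */
int copy_unsafe(const char *in, char *out, size_t stop_at) {
    install(unsafe_alarm_handler);
    if (sigsetjmp(timeout_jmp, 1) != 0)
        return 0;                      /* in_update is still 1: state leaked */
    in_update = 1;
    for (size_t i = 0; i < BUFSZ - 1 && in[i] != '\0'; i++) {
        if (i == stop_at) raise(SIGALRM);
        out[i] = in[i];
        out[i + 1] = '\0';
    }
    in_update = 0;
    return 1;
}

int copy_safe(const char *in, char *out, size_t stop_at) {
    install(safe_alarm_handler);
    timed_out = 0;
    in_update = 1;
    out[0] = '\0';
    for (size_t i = 0; i < BUFSZ - 1 && in[i] != '\0'; i++) {
        if (i == stop_at) raise(SIGALRM);
        out[i] = in[i];
        out[i + 1] = '\0';
        if (timed_out) break;          /* checkpoint: out[] is consistent */
    }
    in_update = 0;                     /* cleanup always runs */
    return timed_out ? 0 : 1;
}
```

After copy_unsafe() returns on timeout, in_update is still 1 because the handler jumped past the cleanup; copy_safe() always leaves it 0 and a nul-terminated buffer.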

Solution

If you prefer, apply your distribution's own update mechanisms; otherwise download the software sources and compile them yourself.


Software updates

Sendmail
Sendmail 8.12.11 patch
ftp://ftp.sendmail.org/pub/sendmail/8.12.11.p0
Sendmail 8.13.5 patch
ftp://ftp.sendmail.org/pub/sendmail/8.13.5.p0
Sendmail 8.13.6 Upgrade
ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.6.tar.gz

Debian

Debian Linux 3.0
Source
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2.dsc
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2.diff.gz
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3.orig.tar.gz
Architecture independent
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.12.3-7.2_all.deb
Alpha
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_alpha.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_alpha.deb
ARM
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_arm.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_i386.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_ia64.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_hppa.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_m68k.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_mips.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_mipsel.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_powerpc.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_s390.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.12.3-7.2_sparc.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.12.3-7.2_sparc.deb

Debian Linux 3.1
Source
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge1.dsc
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge1.diff.gz
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4.orig.tar.gz
Architecture independent
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-base_8.13.4-3sarge1_all.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-cf_8.13.4-3sarge1_all.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.13.4-3sarge1_all.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge1_all.deb
Alpha
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_alpha.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_alpha.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_alpha.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_alpha.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_alpha.deb
AMD64
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_amd64.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_amd64.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_amd64.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_amd64.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_amd64.deb
ARM
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_arm.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_arm.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_arm.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_arm.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_arm.deb
Intel IA-32
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_i386.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_i386.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_i386.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_i386.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_i386.deb
Intel IA-64
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_ia64.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_ia64.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_ia64.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_ia64.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_ia64.deb
HP Precision
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_hppa.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_hppa.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_hppa.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_hppa.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_hppa.deb
Motorola 680x0
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_m68k.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_m68k.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_m68k.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_m68k.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_m68k.deb
Big endian MIPS
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_mips.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_mips.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_mips.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_mips.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_mips.deb
Little endian MIPS
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_mipsel.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_mipsel.deb
PowerPC
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_powerpc.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_powerpc.deb
IBM S/390
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_s390.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_s390.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_s390.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_s390.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_s390.deb
Sun Sparc
http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge1_sparc.deb
http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge1_sparc.deb
http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge1_sparc.deb
http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge1_sparc.deb
http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge1_sparc.deb

Sun
Solaris 8 / SPARC / patch 110615-14
Solaris 8 / x86 / patch 110616-14
Solaris 9 / SPARC / patch 113575-06
Solaris 9 / x86 / patch 114137-05
Solaris 10 / SPARC / patch 122856-01
Solaris 10 / x86 / patch 122857-01
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Red Hat
Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Linux Advanced Workstation 2.1 Itanium
https://rhn.redhat.com/

Suse Linux
Updates can be downloaded through YaST or from the official SUSE Linux FTP server.

IBM
Interim Fix / sendmail_vu834865.tar.Z
ftp://aix.software.ibm.com/aix/efixes/security/sendmail_vu834865.tar.Z
AIX 5.1 - APAR IY82992
AIX 5.2 - APAR IY82993
AIX 5.3 - APAR IY82994
http://www-03.ibm.com/servers/eserver/support/unixservers/aixfixes.html

FreeBSD
FreeBSD 4.10
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail410.patch
FreeBSD 4.11
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail411.patch
FreeBSD 5.4, 6.x
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-06:13/sendmail.patch

OpenBSD
OpenBSD 3.9
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/001_sendmail.patch
OpenBSD 3.8
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/006_sendmail.patch
OpenBSD 3.7
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.7/common/012_sendmail.patch

Hewlett-Packard (HP-UX)
HP-UX 11.11 / Sendmail 8.13.3 / sendmail-8.13_1111.depot
HP-UX 11.23 / Sendmail 8.13.3 / sendmail-8.13_1123.depot
HP-UX 11.00 / Sendmail 8.11.1 / sendmail-811_01.009.depot
HP-UX 11.11 / Sendmail 8.11.1 / sendmail-811_10.depot
HP-UX 11.23 / Sendmail 8.11.1 / PHNE_34689
HP-UX 11.00 / Sendmail 8.9.3 / PHNE_32006
HP-UX 11.04 / Sendmail 8.9.3 / PHNE_34927
HP-UX 11.11 / Sendmail 8.9.3 / PHNE_34936
HP-UX 11.00 / Sendmail 8.8.6 / PHNE_34900
ftp://sendmail:sendmail@hprc.external.hp.com/

Hewlett-Packard (Tru64 UNIX)
Sendmail 8.13.6 / HP Tru64 UNIX Version 5.1B-3 ERP Kit / T64KIT1000619-V51BB26-ES-20060515
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000619-V51BB26-ES-20060515
Sendmail 8.13.6 / HP Tru64 UNIX Version 5.1B-2/PK4 ERP Kit / T64KIT1000617-V51BB25-ES-20060515
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000617-V51BB25-ES-20060515
Sendmail 8.13.6 / HP Tru64 UNIX Version 5.1A PK6 ERP Kit / T64KIT1000618-V51AB24-ES-20060515
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000618-V51AB24-ES-20060515
Sendmail 8.13.6 / HP Tru64 UNIX Version 4.0G PK4 ERP Kit / T64KIT1000635-V40GB22-ES-20060519
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000635-V40GB22-ES-20060519
Sendmail 8.13.6 / HP Tru64 UNIX Version 4.0F PK8 ERP Kit / DUXKIT1000636-V40FB22-ES-20060519
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=DUXKIT1000636-V40FB22-ES-20060519
Sendmail 8.13.6 / HP Internet Express for Tru64 UNIX V6.3 ERP Kit / T64V51AB-IX-631-SENDMAIL-SSRT-061135
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64V51AB-IX-631-SENDMAIL-SSRT-061135
Sendmail 8.13.6 / HP Internet Express for Tru64 UNIX V6.4 ERP Kit / T64V51AB-IX-641-SENDMAIL-SSRT-061135
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64V51AB-IX-641-SENDMAIL-SSRT-061135
Sendmail 8.13.6 / HP Internet Express for Tru64 UNIX V6.5 ERP Kit / T64V51AB-IX-651-SENDMAIL-SSRT-061135
http://www2.itrc.hp.com/service/patch/patchDetail.do?patchid=T64V51AB-IX-651-SENDMAIL-SSRT-061135

NetBSD
NetBSD-current < 2006-03-23
NetBSD 2.* < 2006-03-23
NetBSD 3.* < 2006-03-23
ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-daily/

SGI
Advanced Linux Environment 3 / RPM / Patch 10291
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/RPMS
Advanced Linux Environment 3 / SRPM / Patch 10291
ftp://oss.sgi.com/projects/sgi_propack/download/3/updates/SRPMS
IRIX 6.5.[19..26] / Upgrade to 6.5.27 and apply patch 7082
IRIX 6.5.[27..29] / Apply patch 7082
http://support.sgi.com/

SCO
UnixWare 7.1.3, 7.1.4
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24
OpenServer 6.0.0
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.25

Sun Cobalt
RaQ550
ftp://ftp.cobalt.sun.com/pub/packages/raq550/all/RaQ550-All-Security-0.0.1-17084.pkg
RaQ4
ftp://ftp.cobalt.sun.com/pub/packages/raq4/jpn/RaQ4-All-Security-2.0.2-17084.pkg
RaQ XTR
ftp://ftp.cobalt.sun.com/pub/packages/raqxtr/eng/RaQXTR-All-Security-1.0.1-17084.pkg
ftp://ftp.cobalt.sun.com/pub/packages/raqxtr/jpn/RaQXTR-All-Security-1.0.1-17084.pkg

Standard identifiers

CVE: CVE-2006-0058
BID:

Additional resources

Sendmail 8.13.6
http://www.sendmail.org/8.13.6.html

Sendmail MTA Security Vulnerability (March 22, 2006)
http://www.sendmail.com/company/advisory/index.shtml

Technical Cyber Security Alert (TA06-081A)
http://www.us-cert.gov/cas/techalerts/TA06-081A.html

Debian Security Advisory (DSA 1015-1)
http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00096.html

Sun Alert Notification (102262)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1

Red Hat Security Advisory (RHSA-2006:0264-8)
https://rhn.redhat.com/errata/RHSA-2006-0264.html

Red Hat Security Advisory (RHSA-2006:0265-9)
https://rhn.redhat.com/errata/RHSA-2006-0265.html

SUSE Security Advisory (SUSE-SA:2006:017)
http://www.novell.com/linux/security/advisories/2006_17_sendmail.html

IBM Security Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY82992

IBM Security Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY82993

IBM Security Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1IY82994

FreeBSD Security Advisory (FreeBSD-SA-06:13.sendmail)
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc

OpenBSD release errata & patch list
http://www.openbsd.org/errata.html#sendmail

HP SECURITY BULLETIN (HPSBUX02108)
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00629555

HP SECURITY BULLETIN (HPSBTU02116)
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00692635

NetBSD Security Advisory (NetBSD-SA2006-010)
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc

SGI Security Advisory (20060302-01-P)
ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P.asc

SGI Security Advisory (20060401-01-U)
ftp://patches.sgi.com/support/free/security/advisories/20060401-01.U.asc

SCO Security Advisory (SCOSA-2006.24)
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt

SCO Security Advisory (SCOSA-2006.25)
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.25/SCOSA-2006.25.txt

Sun(sm) Alert Notification 102324
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1

Version history

Version  Comment  Date
1.0  Advisory issued  2006-03-23
1.1  Advisory issued by OpenBSD  2006-03-27
1.2  Advisory updated by Sun (102262)  2006-03-29
1.3  Advisory issued by HP (HPSBUX02108). Advisory issued by NetBSD (NetBSD-SA2006-010).  2006-03-31
1.4  Advisory updated by Sun (102262)  2006-04-03
1.5  Advisory issued by SGI (20060401-01-U, 20060302-01-P)  2006-04-05
1.6  Advisory updated by HP (HPSBUX02108)  2006-04-10
1.7  Advisory updated by HP (HPSBUX02108)  2006-04-13
1.8  Advisory updated by Sun (102262)  2006-04-18
1.9  Advisory updated by HP (HPSBUX02108)  2006-04-20
1.10  Advisory updated by HP (HPSBUX02108)  2006-04-25
1.11  Advisory updated by HP (HPSBUX02108)  2006-05-04
1.12  Advisory updated by HP (HPSBUX02108)  2006-05-19
1.13  Advisory issued by SCO (SCOSA-2006.24)  2006-05-23
1.14  Advisory issued by SCO (SCOSA-2006.25)  2006-06-01
1.15  Advisory issued by HP (HPSBTU02116)  2006-06-06
1.16  Advisory issued by HP (HPSBTU02116)  2006-07-20
2.0  A proof of concept is available  2006-07-24
2.1  Advisory updated by HP (HPSBUX02108)  2006-08-02
2.2  Advisory issued by Sun (102324)  2006-10-09
Published by CCN-CERT (Ministerio de Defensa / CNI / CCN)