Serious flaw in sendmail 8.12.6 and below found

By Justin Mann on March 22, 2006, 4:02 PM
One of the most popular mail utilities in the world, sendmail, has a serious flaw in it that could potentially leave a back door open onto a machine. Sendmail is used around the world, delivering 70% of all e-mail, and this particular flaw affects all versions in the 8 branch up to 8.12.6, on Linux and Unix-based systems. All software based on these versions of sendmail are vulnerable according to the report. Symantec has classified this as “critical”, but all users of it already have a solution – for an upgraded version exists.

The Sendmail Consortium strongly urged open-source users to upgrade to version 8.13.6 of the software, which contains a fix and is available through its Web site. Patches for two older versions of the software are also available for download, but the group discouraged that tactic, warning that the patches may not work properly.
If you happen to maintain a server that utilizes sendmail – check it.




Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.