Author Topic: A reminder to all  (Read 3714 times)

toadlife

  • Member
  • **
  • Posts: 730
  • Kudos: 376
    • http://toadlife.net
A reminder to all
« on: 23 March 2006, 10:00 »
Patch your sendmail, if you have it running on any of your linux systems.

http://secunia.com/advisories/19342/

:)
:)

Refalm

  • Administrator
  • Member
  • ***
  • Posts: 5,183
  • Kudos: 704
  • Sjembek!
    • RADIOKNOP
Re: A reminder to all
« Reply #1 on: 23 March 2006, 10:20 »
I'm glad we're using postfix then :D

muzzy

  • Member
  • **
  • Posts: 391
  • Kudos: 409
    • http://muzzy.net/
Re: A reminder to all
« Reply #2 on: 23 March 2006, 10:53 »
A hole in sendmail? This is news, who would've thought!

mobrien_12

  • VIP
  • Member
  • ***
  • Posts: 2,138
  • Kudos: 711
    • http://www.geocities.com/mobrien_12
Re: A reminder to all
« Reply #3 on: 23 March 2006, 12:07 »
Thanks toadlife.  BSD running sendmail affected too, of course.

Postfix really seems the way to go.  Sendmail is good at patching their vulnerabilities, but postfix has less of them in the first place.
In brightest day, in darkest night, no evil shall escape my sight....

solemnwarning

  • Member
  • **
  • Posts: 747
  • Kudos: 338
    • http://www.solemnwarning.net
Re: A reminder to all
« Reply #4 on: 23 March 2006, 15:08 »
People actually use sendmail? :O
-----BEGIN GEEK CODE BLOCK-----
 Version: 3.1
 GCS/CM d- s+:+ a--- C++ UL++++>$ P+ L+++ !E W++ !N !o !K-- w !O !M !V PS+ PE- !Y !PGP !t !5 !X !R tv b+ DI+ !D G e- h !r y-
 ------END GEEK CODE BLOCK------

WMD

  • Global Moderator
  • Member
  • ***
  • Posts: 2,525
  • Kudos: 391
    • http://www.dognoodle99.cjb.net
Re: A reminder to all
« Reply #5 on: 23 March 2006, 17:24 »
Quote from: muzzy
A hole in sendmail? This is news, who would've thought!

Yeah, no kidding....
My BSOD gallery
"Yes there's nothing wrong with going around being rude and selfish, killing people and fucking married women, but being childish is a cardinal sin around these parts." -Aloone_Jonez

H_TeXMeX_H

  • Member
  • **
  • Posts: 1,988
  • Kudos: 494
    • http://draconishinobi.50webs.com/
Re: A reminder to all
« Reply #6 on: 23 March 2006, 21:40 »
What's sendmail ?

toadlife

  • Member
  • **
  • Posts: 730
  • Kudos: 376
    • http://toadlife.net
Re: A reminder to all
« Reply #7 on: 23 March 2006, 21:44 »
Quote from: H_TeXMeX_H
What's sendmail ?

One of the most exploited pieces of software in history. I use it on my BSD machines because it's integrated into the OS - which make updating easier.

Of course, if I used postfix, there would be no need to update. :p
:)

mobrien_12

  • VIP
  • Member
  • ***
  • Posts: 2,138
  • Kudos: 711
    • http://www.geocities.com/mobrien_12
Re: A reminder to all
« Reply #8 on: 24 March 2006, 03:41 »
Quote from: toadlife
One of the most exploited pieces of software in history. I use it on my BSD machines because it's integrated into the OS - which make updating easier.

Of course, if I used postfix, there would be no need to update. :p


Toad, to be honest I can't remember which variant of *BSD you use, but I do know postfix is one of the FreeBSD ports.  Postfix can do everything sendmail can, transparently.  If you want to run it, I'm sure you can.

Me, I updated right away because I couldn't get postfix running on Fedora  Core 4 as you guys may or may not remember.  It probably doesn't matter since the MTA doesn't listen for incoming connections, nor does it send mail to anyone outide the computer (ISP won't allow it), it's firewalled by IPTAbles and my router... but still I always patch.
In brightest day, in darkest night, no evil shall escape my sight....

H_TeXMeX_H

  • Member
  • **
  • Posts: 1,988
  • Kudos: 494
    • http://draconishinobi.50webs.com/
Re: A reminder to all
« Reply #9 on: 24 March 2006, 04:43 »
You can't get it running ? what was wrong ?

toadlife

  • Member
  • **
  • Posts: 730
  • Kudos: 376
    • http://toadlife.net
Re: A reminder to all
« Reply #10 on: 24 March 2006, 11:06 »
Actually, I *do* run postfix..at work on my OpenBSD spam box. At home on FreeBSd I just use the built in sendmail - pretty much out of sheer laziness.  To update sendmail, I just update the OS, which I update anyway. I really should take a moment a switch all of my BSD boxes to postfix.
:)