Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Product Security

FSC-2006-2: Sendmail MTA Security Vulnerability

 

Brief Description

A vulnerability in Sendmail may permit a specially crafted attack to take over the sendmail MTA process, allowing a remote user to execute commands and run arbitrary programs on the system.

Sendmail released a medium risk security advisory on March 22nd 2006. Both the X- and P-series F-Secure Messaging Security Gateway Appliances use Sendmail. The vulnerability may permit a specially crafted attack to take over the sendmail MTA process, allowing a remote user to execute commands and run arbitrary programs on the system.

Hotfixes are distributed automatically by the delivery system. Users of these products do not need to take any action. This means that virtually all affected systems will be patched automatically shortly after publication of this advisory.

This vulnerability is being tracked as CVE-2006-0058.

 

Affected Platforms   

All supported platforms
 

Products

Risk Level: HIGH (Low/Medium/High/Critical)

F-Secure Messaging Security Gateway, X200 (3.1.0 or earlier)
F-Secure Messaging Security Gateway, P600 and P800 (3.2.4 or earlier)

 

Mitigating Factors

A fix for the problem has been distributed through the malware definition database update channel. This advisory only affects systems that, for some reason, are not updated automatically.
 

Date Issued: 2006-06-01
Last Updated: 2006-06-01

Get Support online

For documentation and product support, visit our Support site.

 

F-Secure Community

 
Give advice. Get advice. Share the knowledge on our free discussion forum.