Sendmail MTA Security Patch Distribution

March 22, 2006

 

Sendmail, Inc. has recently become aware of a security vulnerability in certain versions of sendmail Mail Transfer Agent (MTA) and UNIX and Linux products that contain it.  Sendmail was notified by security researchers at ISS that, under some specific timing conditions, this vulnerability may permit a specifically crafted attack to take over the sendmail MTA process, allowing remote attackers to execute commands and run arbitrary programs on the system running the MTA, affecting email delivery, or tampering with other programs and data on this system.  For further information, please review the full secruity advisory at http://www.sendmail.com/company/advisory/index.shtml.

Sendmail is not aware of any public exploit code for this vulnerability.


 

Sendmail, Inc. commercial users running any of the products listed below should login with their email address below to download and install the Switch 3.1.8 cumulative patch.

»      Sendmail Switch 3.1.x

»      Sendmail Managed MTA 3.1.x

»      Sendmail Multi-Switch 3.1.x

»      Sendmail Message Store/SAMS 2.1.x, 2.2.x

»      Intelligent Quarantine 3.0

Please enter your customer e-mail address:

Sendmail, Inc. commercial users running earlier versions of these products with current support agreements should login to Sendmail’s support system* at http://www.sendmail.com/customerlogin/ to access Switch 3.1 and the Switch 3.1.8 cumulative patch. 

 

Sendmail, Inc. commercial users running earlier versions of these products without current support agreements should contact Sendmail at customerservice@sendmail.com or via the phone numbers below to request a current version of your product and the required patch.

 

Sendmail Open Source users should refer to http://www.sendmail.org/8.13.6.html for information on open source patches.

 

Phone contact information:

North & Latin America, Asia/Pacific

Europe, Middle East, Africa

Toll free US +1-877-363-6245 (press 1)

Toll call US  +1-510-594-5598

United Kingdom: 0800 652 8897

Germany: 01801-73636245

France:  01 43 18 22 27

Other locations: +44 800 652 8897

 

 

* If this is your first time accessing Sendmail's support system since February 6th, 2006, you will need to set up a new password.  Please follow these steps:

1.      Visit https://www.sendmail.com/cfusion/CFIDE/nupw.cfm

2.      Enter your email address and select the "Submit" button.

3.      An email message containing a temporary password will be sent to your email address.  Follow the instructions in that message to create a permanent password.


Copyright © 2000-2006 Sendmail, Inc. All rights reserved.