Security vulnerability in sendmail


Network Security

January 1999

The input access list must block traffic destined for UDP port 514 at any of the Cisco IOS device’s own IP addresses, as well as at any broadcast or multicast addresses on which the Cisco IOS device may be listening. It’s important to remember to block old-style ‘all-zeroes’ broadcasts as well as new-style ‘all-ones’ broadcasts. It is not necessary to block traffic being forwarded to other hosts; only traffic actually addressed to the Cisco IOS device is of interest. There is no single input access list that will work in all configurations. It is very important that you understand the effect of your access list in your specific configuration before you activate the list.

Cisco is offering free software updates to correct this vulnerability for all vulnerable customers, regardless of contract status. However, because information about this vulnerability has been disseminated by third parties, Cisco has been forced to release this advisory before updates are available for all software versions.

For further information, contact CIAC on: +1 925 422 8193; E-mail: ciac@llnl.gov.
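The destination set described above can be derived mechanically from a device's interface list. The following Python is an added example, not part of the Cisco advisory: it computes each interface's own address plus the all-ones and all-zeroes broadcast forms and renders extended access-list lines that deny UDP port 514 to them. The function names, ACL number 101, the sample addresses, the operator-supplied multicast groups and the trailing `permit ip any any` are assumptions made for illustration.

```python
import ipaddress

SYSLOG_PORT = 514  # UDP port named in the advisory


def protected_destinations(interfaces, multicast_groups=()):
    """Return the sorted destination addresses the input list must cover.

    interfaces: 'address/prefix' strings for the device's own interfaces.
    multicast_groups: groups the device listens on (site-specific input).
    """
    dests = {ipaddress.IPv4Address("255.255.255.255"),  # all-ones broadcast
             ipaddress.IPv4Address("0.0.0.0")}          # old-style all-zeroes
    for text in interfaces:
        iface = ipaddress.IPv4Interface(text)
        dests.add(iface.ip)  # the device's own address
        if iface.network.prefixlen < 31:  # /31 and /32 have no broadcast
            dests.add(iface.network.broadcast_address)  # all-ones subnet form
            dests.add(iface.network.network_address)    # all-zeroes subnet form
    for group in multicast_groups:
        addr = ipaddress.IPv4Address(group)
        if not addr.is_multicast:
            raise ValueError(f"{group} is not a multicast address")
        dests.add(addr)
    return sorted(dests)


def build_acl(acl_number, interfaces, multicast_groups=()):
    """Render deny lines for UDP/514 to each protected destination, then a
    final permit so traffic forwarded to other hosts is left untouched."""
    lines = [f"access-list {acl_number} deny udp any host {d} eq {SYSLOG_PORT}"
             for d in protected_destinations(interfaces, multicast_groups)]
    lines.append(f"access-list {acl_number} permit ip any any")
    return lines


if __name__ == "__main__":
    # Constructed sample: two interfaces in documentation address ranges.
    for line in build_acl(101, ["192.0.2.1/24", "198.51.100.5/30"],
                          ["224.0.0.1"]):
        print(line)
```

The output still has to be merged with any access list already applied to the interface and reviewed against the specific configuration before activation, as the advisory stresses.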

HP-UX vulnerabilities

CIAC Advisory J-022 reports on a problem where an SNMP community string in HP OpenView allows access to certain SNMP variables. This may reduce manageability of affected HP-UX systems.

An SNMP community string exists in HP OpenView SNMP agent implementations allowing access to certain SNMP variables. This may result in limited manageability of affected HP-UX systems. The system remains operational but will be unable to respond to some queries from a management server. This problem is not an OpenView-specific problem, but OpenView can be affected when communicating with systems that have an affected agent. The HP OpenView Emanate SNMP Agent has two revisions currently supported, release 2.X and 14.X. HP recommends upgrading to the 14.X release and applying the patch to circumvent this vulnerability.

The defect is now fixed, such that an unauthorized user cannot use this mechanism. It is advisable to install the appropriate patch:

Emanate 14.2 version on HP-UX revision 11.00: PHSS_16846
Emanate 14.2 version on HP-UX revision 10.20: PHSS_16845
Emanate 14.2 version on VVOS revision 10.24: PHSS_17083
Emanate 14.0 version on HP-UX revision 10.0X, 10.10: PHSS_16800
Emanate 14.0 version on HP-UX revision 9.X: PHSS_16799
Solaris 2.3 and 2.4 OpenView Emanate 14.0 agent:
Solaris 2.51 and 2.6 OpenView Emanate 14.2 agent:

The Solaris agent patches are available from:

http://ovweb.external.hp.com:80/cpe/patches/emanate/14.x/sparc_2.X.html

Installing any earlier HP OV Emanate patch, or reinstalling HP OpenView Network Node Manager (NNM) will reverse the protective effect of the patches listed above. Reinstallation of the above referenced patch will then be necessary. This means that if a system administrator deinstalls one of the earlier patches after installing the security patch, they will overwrite the security fixes with older software.

For further information, contact:

CIAC on: +1 925 422 8193; fax: +1 925 423 8002; E-mail: ciac@llnl.gov.

Security vulnerability in sendmail

Hewlett-Packard Security Bulletin #00089 reveals that some important features provided by Sendmail 8.8.6 include a new group of rulesets to avoid mail ‘spamming’ and to prevent mail ‘spammers’ from using your host as a mail relay point. Sendmail 8.8.6 provides four new named rulesets which can be used to check and reject abusive mail messages. Patches are available from the Electronic Support Center (ESC) patch hub for HP-UX 10.20, 10.30 and 11.0. For the following HP-UX releases an official patch is available:

HP-UX release 10.20: PHNE_12836
HP-UX release 10.30: PHNE_12866
HP-UX release 11.00: PHNE_15509

For further information, contact:

CIAC on: +1 925 422 8193; fax: +1 925 423 8002; E-mail: ciac@llnl.gov.

Sun Solaris dtmail, passwd vulnerabilities

Sun Microsystems Security Bulletin #00181 reveals a problem with buffer overflows. The dtmail program is the mail

© 1999 Elsevier Science Ltd
