Linux Today: Linux News On Internet Time.

Caldera Security Advisory: sendmail queue run privilege problem

Oct 10, 2001, 18:50 (0 Talkback[s])
Date: Wed, 10 Oct 2001 09:05:48 -0600
From: Support Info supinfo@caldera.com
Subject: Security Update: [CSSA-2001-34.0] Linux: sendmail queue run
        privilege problem

                   Caldera International, Inc.  Security Advisory

Subject:                Linux - sendmail queue run privilege problem
Advisory number:        CSSA-2001-034.0
Issue date:             2001, October 05
Cross reference:

1. Problem Description

   There is a permission problem in the default setup of sendmail in all
   OpenLinux versions, which allows a local attacker to cause a denial
   of service attack effectively stopping delivery of all mails from
   the current system.

   This vulnerability also allows a local attacker to read the full headers
   of all mails in the mail queue.

2. Vulnerable Versions

   All sendmail versions on currently supported OpenLinux product are

3. Solution

   There are no fixed packages available.


    OpenLinux 2.3, OpenLinux eServer 2.3.1 and OpenLinux eDesktop 2.4:

        In /etc/sendmail.cf, change the line:

          O PrivacyOptions=authwarnings

        to read:

          O PrivacyOptions=authwarnings,restrictqrun

    OpenLinux Workstation and Server 3.1:

        In /etc/mail/sendmail.cf, change the line:

          O PrivacyOptions=authwarnings,noexpn,novrfy,noetrn,noverb

        to read:

          O PrivacyOptions=authwarnings,noexpn,novrfy,noetrn,noverb,restrictqrun

4. References

   This and other Caldera security resources are located at:


   This security fix closes Caldera's internal Problem Report 10576.

5. Disclaimer

   Caldera International, Inc. is not responsible for the misuse of
   any of the information we provide on this website and/or through our
   security advisories. Our advisories are a service to our customers
   intended to promote secure installation and use of Caldera OpenLinux.

11. Acknowledgements

   Caldera International wishes to thank Michal Zalewski for pointing out
   this problem.

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org