Vulnerabilities have been uncovered in Sendmail and the Snort open source intrusion detection system IT departments suffered two serious vulnerabilities in enterprise-grade open source software systems last week. Top of the list was a newly reported vulnerability in Sendmail, which is a widely used mail transport agent (MTA). The second vulnerability was found in Snort, a popular open-source intrusion detection system (IDS). Last week showed how quickly news of vulnerabilities can be exploited to produce software that wreaks havoc on the Net. Within 24 hours of the problems being made public, an easy-to-use exploit program for the Sendmail vulnerability was posted on the Bugtraq mailing list. According to Bugtraq, default installations of Sendmail and Red Hat Linux are not vulnerable to this particular exploit, but firms that have compiled Sendmail for use with Red Hat 7.1, 72 or 7.3 are vulnerable. Bugtraq also warned that hackers may be working on alternative exploit software that could attack other versions of Sendmail. According to Sendmail, all versions predating the 8.12.8 version issued last week may be affected. Given that just about every firm runs an email system, the Sendmail vulnerability is potentially the most serious problem for some time. Dan Ingevaldson of Internet Security Systems said, “The Sendmail vulnerability is the most severe that our team has ever discovered. It affects a critical service that must be exposed to the Internet, and it cannot be blocked by firewalls.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.