“An attack could interfere with or intercept mail delivery, permit the intruder to tamper with other programs and data on the vulnerable system, and potentially provide access to other systems on the affected machine’s network.
The flaw relates to all Linux- and Unix-based versions of Sendmail 8 up to version 8.13.5, but not Microsoft Windows varieties of the open-source software, said the Sendmail Consortium, which oversees the project. Affected products put out by Sendmail Inc., which sells a commercial version, include Sendmail Switch, Sentrion and Advanced Message Server, according to a company alert. ”
Here is some more Tech News from around the web:
- Windows Vista and PC Gamers @ ExtremeTech
- HOW TO- Re-surfacing CDs so they work again @ MAKE:Blog
- ICY BOX IB-861 Multi-port Panel @ 3D Velocity
- Q3I AlcoHawk Slim Personal Digital Alcohol Detector @ PCApex
- Multiple live CDs in one DVD @ NewsForge
- Sony 2006 Las Vegas Open House Round Up @ DesignTechnica
- Game Developers Conference – Day 2 @ Techgage
- GDC Day One: PlayStation, Epic, Ageia, and the Expo Slideshow @ ExtremeTech
Source: CNet News.com
UNIX and LINUX are getting in on the newly discovered vulnerability theme for this week as well. According to this story on CNET, the Sendmail flaw could allow a remote attacker to gain control of your machine. The Windows version is not at risk and upgrading to version 8.13.6 of *NIX sendmail will secure you, as it contains a patch for this vulnerability.