Patch immediately or get hacked, warns security expert
A critical flaw has been found in Sendmail's popular open source SMTP server software which could give hackers full access to affected networks.
In order to exploit this vulnerability, an attacker only needs to be able to connect to the Sendmail SMTP server over a network.
Exploitation could allow attackers to take complete control of affected machines and obtain full access to users' emails, confidential information and other sensitive data on the network.
"Due to its high popularity and extensive deployment throughout the internet, this vulnerability represents a serious risk to organisations that rely on Sendmail for email services," said Gunter Ollmann, director of ISS X-Force, which discovered the flaw.
"Since SMTP is one of the few listening services allowed consistently through perimeter firewalls, we expect that many attackers will develop techniques to exploit the vulnerability in order to gain entry into corporate and government networks."
ISS X-Force has published an advisory about the flaw on its website.
Sendmail is urging all users of version 8.0 of its software to apply the patch on its website or to upgrade to the latest version of the software.
A critical flaw has been found in Sendmail's popular open source SMTP server software which could give hackers full access to affected networks.
In order to exploit this vulnerability, an attacker only needs to be able to connect to the Sendmail SMTP server over a network.
Exploitation could allow attackers to take complete control of affected machines and obtain full access to users' emails, confidential information and other sensitive data on the network.
"Due to its high popularity and extensive deployment throughout the internet, this vulnerability represents a serious risk to organisations that rely on Sendmail for email services," said Gunter Ollmann, director of ISS X-Force, which discovered the flaw.
"Since SMTP is one of the few listening services allowed consistently through perimeter firewalls, we expect that many attackers will develop techniques to exploit the vulnerability in order to gain entry into corporate and government networks."
ISS X-Force has published an advisory about the flaw on its website.
Sendmail is urging all users of version 8.0 of its software to apply the patch on its website or to upgrade to the latest version of the software.
Share this page
Email this page
Back to Top
Home
Edit Post
0 comments: