home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Nebula 2
/
Nebula Two.iso
/
NextAnswers
/
1518_NeXT-94:001-sendmail.txt
< prev
next >
Wrap
Text File
|
1995-06-12
|
2KB
|
45 lines
------------------------------------------------------------------------
NeXT SECURITY BULLETIN: NeXT-94:001-sendmail, 16 February 94
------------------------------------------------------------------------
PROBLEM:
A security vulnerability has been identified in all versions of
NEXTSTEP up to and including Release 3.2. This vulnerability,
described in CERT advisories CA-93:16 and CA-93:16a, may allow
unauthorized remote or authorized local users to gain unauthorized
privileges. All sendmail recipient machines within a domain could
potentially be vulnerable.
SOLUTION:
NeXT has corrected this vulnerability and provided a patch containing
new binaries for both NeXT and Intel-based computers running NEXTSTEP
Release 3.1 or Release 3.2.
DETAILS:
This patch is available via anonymous FTP from FTP.NEXT.COM in the
directory "/pub/NeXTanswers/Files/Patches/SendmailPatch.23950.1".
Filename Checksum
--------------------------------- ---------
1513_SendmailPatch.ReadMe.rtf 63963 4
1514_SendmailPatch.pkg.compressed 02962 290
This patch is also available via electronic mail by sending a message
to NeXTanswers@NeXT.com with a subject line of "1513 1514". The two
files noted above will be returned as NeXTmail attachments.
This patch is for NEXTSTEP 3.1 and NEXTSTEP 3.2. Instructions for
installing this patch are included in the ReadMe file.
Note: At the present time, NeXT has no plans to make a patch available
for releases of NEXTSTEP prior to Release 3.1.
COMMENTS:
NeXT recommends that all customers concerned with the security of
their NEXTSTEP systems either apply the patch or edit the sendmail
configuration files as soon as possible.
Questions about this patch should be directed to NeXT's Technical
Support Hotline at 1-800-848-NeXT (+1-415-424-8500 if outside the
U.S.) or via email to ask_next@NeXT.com.