On 2024-07-02 01:39, Bob Proulx wrote:
Happy Monday Savannah!

FYI: I am working through the ssh upgrades on the servers in order to mitigate the current news.

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems
CVE-2024-6387
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
Bob, while you are at it, I think you might also want to check if sendmail on vcs systemd & frontend is vulnerable to this (below). sendmail (actually apt-listchanges??) sent an email to tell me that sendmail got a security update (which I think is ironic).
Btw, I got a "permission denied" trying to login as svadm from mgt1 to vcs2. Got distracted and did not try other hosts.
------8<--------cut-here-------8<--------
sendmail (8.18.1-3) unstable; urgency=medium

  Sendmail was affected by SMTP smuggling (CVE-2023-51765). Remote attackers
  can use a published exploitation technique to inject e-mail messages with a
  spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism.
  This occurs because sendmail supports some combination of <CR><LF><NUL>.
  .
  This particular injection vulnerability has been closed; unfortunately, full
  closure needs to reject mail that contains NUL.
  .
  This is slightly non-conformant with the RFC and can be opted out of by
  setting confREJECT_NUL to 'false' in the sendmail.mc file.

 -- Bastien Roucariès <ro...@debian.org>  Sun, 12 May 2024 19:38:09 +0000
------8<--------cut-here-------8<--------

-- 
Jing Luo
About me: https://jing.rocks/about/
GPG Fingerprint: 4E09 8D19 00AA 3F72 1899 2614 09B3 316E 13A1 1EFC
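As an added illustration of the DATA-phase check the quoted changelog describes (editor's example code, not sendmail's own implementation): a small Python model that flags NUL bytes and bare CR/LF inside a constructed DATA payload, with a `reject_nul` flag standing in for `confREJECT_NUL`. The regex patterns and the "suspicious but not fatal" treatment of bare line endings are assumptions of this model, not sendmail behaviour taken from the page.

```python
import re

# A bare LF (not preceded by CR) or bare CR (not followed by LF) inside DATA.
# Assumption for this model: such endings are flagged as suspicious, not fatal.
BARE_LINE_ENDING = re.compile(rb"(?<!\r)\n|\r(?!\n)")

# NUL sitting next to a CRLF: the "<CR><LF><NUL>" combination the changelog names.
NUL_NEAR_CRLF = re.compile(rb"\r\n\x00|\r\x00\n|\x00\r\n")


def inspect_data(payload: bytes, reject_nul: bool = True) -> dict:
    """Classify the bytes a client sent during DATA (before the final CRLF.CRLF).

    reject_nul stands in for sendmail's confREJECT_NUL: when True, any NUL byte
    makes the verdict "reject"; when False, NULs are only reported as findings.
    Returns {"verdict": "accept" | "reject", "findings": [str, ...]}.
    """
    findings = []
    nul_offsets = [m.start() for m in re.finditer(rb"\x00", payload)]
    if nul_offsets:
        findings.append(f"NUL byte(s) at offsets {nul_offsets[:5]}")
    if NUL_NEAR_CRLF.search(payload):
        findings.append("NUL adjacent to CRLF")
    bare = BARE_LINE_ENDING.findall(payload)
    if bare:
        findings.append(f"{len(bare)} bare CR/LF line ending(s)")
    verdict = "reject" if (nul_offsets and reject_nul) else "accept"
    return {"verdict": verdict, "findings": findings}


if __name__ == "__main__":
    # Constructed samples: a clean message and one carrying a NUL next to a CRLF.
    clean = b"Subject: hi\r\n\r\nbody\r\n"
    suspect = b"Subject: hi\r\n\r\nbody\r\n\x00\r\nmore\r\n"
    for name, msg in (("clean", clean), ("suspect", suspect)):
        print(name, inspect_data(msg))
        print(name, "with confREJECT_NUL=false:", inspect_data(msg, reject_nul=False))
```

Run against a mail server's captured DATA bytes, the verdict shows which messages the hardened default would have refused and which only the opt-out setting lets through.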