[ale] Checking for sendmail patch

Bob Toxen bob at verysecurelinux.com
Wed Mar 5 11:52:05 EST 2003 

I assume that everyone has heard about the remote root vulnerability in
sendmail that came to light this week.

Be aware that the new patched version of sendmail may behave differently
than the existing sendmail on some versions of some platforms, notably
Red Hat.

I threw together the following simple script that will check if a system's
sendmail has been patched.  Enjoy.

Best regards,

Bob Toxen, CTO
Fly-By-Day Consulting, Inc.
"Your expert in Firewalls, Virus and Spam Filters, VPNs,
Network Monitoring, and Network Security consulting"
bob at verysecurelinux.com (e-mail)
+1 770-662-8321  (Office)

I'll be giving talks on computer security at IBM's Linux Competency Center
in New York City on March 6 and at the "Real World Linux" conference in
Toronto on April 30.

http://www.verysecurelinux.com       [Network & Linux/Unix Security Consulting]
http://www.realworldlinuxsecurity.com [My 5* book: "Real World Linux Security"]

--------------- http://www.verysecurelinux.com/chksendmail  ---------------
#!/bin/tcsh
# Copyright 2003 Fly-By-Day Consulting, Inc.  All rights reserved.
# Use and Distribution permitted so long no changes are made without permission

foreach i ( `which sendmail` )
echo "=============== Checking $i"
strings $i >! /tmp/chk$$
grep "Dropped invalid comments from header address" /tmp/chk$$
if ( "$status" != 0 ) then
	echo "DANGER, WILL ROBINSON! $i needs patching"
else
	echo "Sleep well. $i has been patched for the March '03 madness bug"
endif
echo ""
end
echo "++++++++++ Done"
echo ""
echo "Created by Fly-By-Day Consulting, Inc., the leader in Linux Security"
echo ""
echo "Contact Fly-By-Day Consulting, Inc. for monthly patching contracts,"
echo "Firewalls, VPNs, Virus filters, Monitoring for attacks and health,"
echo "Network Security Audits & Consulting"
echo "+1 770-662-8321"
echo "www.verysecurelinux.com"
echo "bob at verysecurelinux.com"
_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

More information about the Ale mailing list