Security experts and vendors of Linux and other Unix-like operating systems are urging network administrators to replace some versions of popular e-mail server software known as Sendmail, because the most recent open-source versions can provide a doorway for local hackers.
Since malicious individuals would need to gain command-line access to a server in order to exploit the vulnerability, the problem is greatest for organizations such as Internet service providers or universities that regularly provide shell access to users.
Cade Cairns, a member of the Security Focus Threat Analysis Team, reported late last week that hackers with access to run Sendmail from the command line of vulnerable systems could possibly gain administrator access to the server by supplying specially crafted commands.
The link for this article located at Newsbytes is no longer available.
