A flaw discovered in the software of major e-mail server

Home > Business > Industry

print dictionary print

A flaw discovered in the software of major e-mail server

A security hole in a popular Internet e-mail server software package has been publicized and a patch released for most versions of the software. The announcement was made Monday in the United States. The software, called Sendmail, runs on Unix operating systems and is estimated to account for about half the e-mail servers on the Internet. The organization that maintains the open-source version of the software calls the issue a “critical security problem in header parsing.” Other descriptions of the problem say a hacker could gain control of an e-mail server by sending it a specially formatted e-mail. Experts say the problem could be as serious as the recent Slammer virus that attacked the Internet in late January and hit Korea’s Internet infrastructure especially hard. The Sendmail Consortium (www.sendmail. org) says it has an upgraded version of the current open-source version and patches for earlier versions of the software available, adding that users of commercial Sendmail distributions should contact their vendor for help. E-Week, an online computer-related news service, said the U.S. Department of Homeland Security was involved in coordinating the response to the vulnerability, which it learned of on Feb. 14. The news service said that although some smaller vendors of the software did not yet have patches available, the announcement was made because officials feared that hacker groups would learn of the vulnerability and try to exploit it before a patch was available for most versions. Separately, Macromedia, Inc., announced a “critical update” for its popular Flash multimedia software, which is estimated to be installed on nearly three-quarters of computers connected to the Internet. The flaw would allow hackers to bypass security controls that isolate applications running Flash applications from the rest of the computer. Links to the updated version of the software, however, are not easily found on Macromedia’s Web site; the easiest way to download the repair is to go to www.macromedia.com and enter “mpsb03-03” (without the quote marks) in the search box. by John Hoog
Log in to Twitter or Facebook account to connect
with the Korea JoongAng Daily
help-image Social comment?
s
lock icon

To write comments, please log in to one of the accounts.

Standards Board Policy (0/250자)