Internet Security Systems Discovers and Protects Against Flaw in Sendmail Server Software
LONDON – March 22, 2006 – Internet Security Systems, Inc. (ISS) (NASDAQ: ISSX), the worldwide leader in pre-emptive, enterprise security, today announced that its X-Force® research and development team has discovered a serious vulnerability in Sendmail SMTP server software. Sendmail is the most popular mail transfer agent (MTA) on the Internet and is used extensively by large corporations and government agencies to route and deliver email. ISS customers have been pre-emptively protected from this vulnerability since February 14, 2006.
In order to exploit this vulnerability, an attacker simply needs to be able to connect to the Sendmail SMTP server over a network. Exploitation of this vulnerability could allow remote attackers to take complete control of affected machines and obtain full access to users’ emails, confidential information and other sensitive data on the network.
“Due to its high popularity and extensive deployment throughout the Internet, this vulnerability represents a serious risk to organisations that rely upon Sendmail for email services,” said Gunter Ollmann, Director of ISS X-Force. “Since SMTP is one of the few listening services allowed consistently through perimeter firewalls, we expect that many attackers will focus their efforts on developing techniques to exploit the vulnerability in order to gain entry into corporate and government networks.”
Sendmail is primarily used in UNIX server environments, although various Windows versions also exist. It is the default MTA for many operating systems. By carefully timing the transmission of malicious data targeting this vulnerability, it is possible for a remote attacker to gain control of the affected system without requiring any user interaction.
By protecting against vulnerabilities rather than known exploits, ISS keeps organisations ahead of Internet threats. Through a multi-layered security approach, ISS’ Proventia® security products and services provide organisations with comprehensive protection for IT assets from network to host. ISS’ Virtual Patch™ technology automatically protects organisations from Internet attacks until they are able to obtain, test and apply patches from affected vendors.
ISS products and services are based on the work of its X-Force research and development team. X-Force has discovered more than 50 per cent of all critical and high-risk software and infrastructure vulnerabilities uncovered by commercial security research groups from 1998 to 2005, including the vulnerabilities exploited by the Slammer and Zotob worms.
The ISS X-Force advisory on this vulnerability can be found at: http://xforce.iss.net/xforce/alerts/id/216
ISS customers are already protected from this flaw. ISS recommends that other companies obtain and apply the patch for this vulnerability from the Sendmail Web site (http://www.sendmail.org) or contact their operating system vendor for more information.
About Internet Security Systems, Inc.
Internet Security Systems, Inc. (ISS) is the trusted security advisor to thousands of the world’s leading businesses and governments, providing pre-emptive protection for networks, desktops and servers. An established leader in security since 1994, ISS’ integrated security platform automatically protects against both known and unknown threats, keeping networks up and running and shielding customers from online attacks before they impact business assets. ISS products and services are based on the proactive security intelligence of its X-Force® research and development team – the unequivocal world authority in vulnerability and threat research. ISS’ product line is also complemented by comprehensive Managed Security Services. For more information, visit the Internet Security Systems Web site at www.iss.net/uk or call (0)1753 845 100.