COMMAND

    sendmail

SYSTEMS AFFECTED

    sendmail 8.8.8 (Sendmail for SunOS(tm) 5.6 and 5.5.1)

PROBLEM

    Following  is  based  on   Sun  Microsystems  Security   Bulletin.
    sendmail is a mail transfer  agent, Copyright (C) Eric Allman  and
    the University of  California, which is  freely available.   Their
    base version is commonly known as "Berkeley sendmail", as  opposed
    to various vendors' versions of sendmail (including Sun's).  SunOS
    5.6  and  5.5.1  originally  included  version  8.6.9  of Berkeley
    sendmail, with Sun enhancements  added.  Various security  related
    improvements  were  made  in  version  8.8.8 of Berkeley sendmail,
    including improvements relating to email spam and bombs, and email
    relaying.  Sun's implementation of version 8.8.8 sendmail includes
    enhancements   to   address   subsequently   identified   security
    vulnerabilities and support  for V1/Sun configuration  files, used
    in Sun's version of 8.6.9 sendmail.

SOLUTION

    Sun's implementation  of version  8.8.8 sendmail  is provided  for
    SunOS 5.6 and 5.5.1 via these patches:

        OS Version      Patch ID
        __________      _________
        SunOS 5.6           105395-05
        SunOS 5.6_x86       105396-05
        SunOS 5.5.1         103594-18
        SunOS 5.5.1_x86     103595-18