<div>
Hi,<br />
<br />
<br />
If I understand correctly the vunerabilita 'only concerns the intranet part of local users, can not' be made by external users correct?
</div>


Hi,


If I understand correctly the vunerabilita 'only concerns the intranet part of local users, can not' be made by external users correct?

<div>
Hi,<br />
<br />
Yes it is a local vulnerability. <br />
<br />
Cheers
</div>


Hi,

Yes it is a local vulnerability.

Cheers

<div>
Local vulnerability concerns users that are ALLREADY logged on to equipment.<br />
SSH/TELNET login and then are able to xploit. &nbsp; It doesn;t matter if SSH is over internet of intranet, or console..... You need to be logged-on to the machine somehow.<br />
<br />
If &nbsp;**network is involved..., it is remotely exploitable. &nbsp; &nbsp;(** net intranet is equivalent to internet...) &nbsp;No need to logon through other means first.
</div>


Local vulnerability concerns users that are ALLREADY logged on to equipment.
SSH/TELNET login and then are able to xploit.   It doesn;t matter if SSH is over internet of intranet, or console..... You need to be logged-on to the machine somehow.

If  **network is involved..., it is remotely exploitable.    (** net intranet is equivalent to internet...)  No need to logon through other means first.

<div>
Hi,<br />
<br />
that's all true in general. <br />
<br />
Except that no one with a right state of mind will consider using telnetd nowadays or even make an IBM power server, which can cost over $100k a piece easily, directly accessible over the internet.<br />
<br />
Cheers
</div>


Hi,

that's all true in general.

Except that no one with a right state of mind will consider using telnetd nowadays or even make an IBM power server, which can cost over $100k a piece easily, directly accessible over the internet.

Cheers

<div>
<div class="content wysiwyg-content">
I have a system AIX with 6.1.00 tl9 is necessary install fix for sendmail-cve-2014-3956 ?<br />
<br />
The problem exists only if I go to the internet world?
</div>
</div>


I have a system AIX with 6.1.00 tl9 is necessary install fix for sendmail-cve-2014-3956 ?

The problem exists only if I go to the internet world?

AIX - Sendmail Vulnerability: CVE-2014-3956

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.

Vulnerabilities

Installation is the act of making a computer program program ready for execution. Because the process varies programs often come with a specialized program responsible for doing whatever is needed for their installation. Installation may be part of a larger software deployment process. Cross platform installer builders that produce installers for Windows, Mac OS X and Linux include InstallAnywhere, InstallBuilder and Install4J. Installers for Microsoft Windows include Windows Installer, InstallShield, and Wise Installation Studio; free installer-authoring tools include NSIS, IzPack, Clickteam, InnoSetup, InstallSimple and WiX. Mac OS X includes Installer, and also includes a separate software updating application.

Installation

Unix is a multitasking, multi-user computer operating system originally developed in 1969 at Bell Labs. Today, it is a modern OS with many commercial flavors and licensees, including FreeBSD, Hewlett-Packard’s UX, IBM AIX and Apple Mac OS-X. Apart from its command-line interface, most UNIX variations support the standardized X Window System for GUIs, with the exception of the Mac OS, which uses a proprietary system.