Sendmail flaw risks systems
Systems running Sendmail are at risk of hacker attacks because of a flaw in the way the commonly used email server software handles long email addresses, experts have warned. This is the second serious bug announced this month and has some users looking for alternatives. Failure to adequately check the length of email addresses means a message with a specially crafted address can trigger a stack overflow, potentially allowing an attacker to gain control of a vulnerable server, the CERT Co-ordination Centre warned. Sendmail servers that weren’t directly connected to the Internet were also at risk, since the vulnerability was triggered by the contents of a malicious email message that could be handed on from server to server, CERT claimed. Sendmail is the most commonly used MTA (mail transfer agent) and handles the majority of all Internet email traffic.
Deloitte abandons plan
Accounting firm Deloitte Touche Tohmatsu has decided against separating from its IT consulting unit, Deloitte Consulting, 14 months after it announced it would do so to avoid possible conflicts of interest. Deloitte Touche blamed a “tight credit market and the uncertain state of the economy” for its decision. The company will be the only one among the world’s four largest accounting firms to retain its IT consulting practice. KPMG spun off KPMG Consulting (now BearingPoint) via an initial public offering in 2001.
CA forms services group
Computer Associates (CA) kicked off its new fiscal year in the US by announcing it has formed CA Technology Services. The new unit is meant to help customers implement its software products and receive support more quickly. As part of its new service-focused initiative, CA is slashing 450 jobs worldwide over the next several months, with cuts in North America to take place immediately.