Subject: Sendmail Buffer Overflow on Linux
deem@wdm.com
Date: Sat Mar 29 2003 - 13:41:38 AKST
Here's the latest on keeping your sendmail server clean.
The official 'CERT' URL on the latest sendmail buffer overflow
says:
"There is a remotely exploitable vulnerability in sendmail that
could allow an attacker to gain control of a vulnerable
sendmail server. Address parsing code in sendmail does not
adequately check the length of email addresses. An email
message with a specially crafted address could trigger a stack
overflow. This vulnerability was discovered by Michal
Zalewski."
See http://www.cert.org/advisories/CA-2003-12.html
It's also on /. today.
Have Fun,
Dee
Dee
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
This archive was generated by hypermail 2a23 : Sat Mar 29 2003 - 13:41:42 AKST