Sendmail Buffer Overflow on Linux

Subject: Sendmail Buffer Overflow on Linux
deem@wdm.com
Date: Sat Mar 29 2003 - 13:41:38 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: stephen king: "RE: gobbledygook"
• Previous message: Scott A. Johnson: "(no subject)"

Here's the latest on keeping your sendmail server clean.

The official 'CERT' URL on the latest sendmail buffer overflow
says:

"There is a remotely exploitable vulnerability in sendmail that
could allow an attacker to gain control of a vulnerable
sendmail server. Address parsing code in sendmail does not
adequately check the length of email addresses. An email
message with a specially crafted address could trigger a stack
overflow. This vulnerability was discovered by Michal
Zalewski."
See http://www.cert.org/advisories/CA-2003-12.html

It's also on /. today.

Have Fun,
Dee
Dee

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: stephen king: "RE: gobbledygook"
• Previous message: Scott A. Johnson: "(no subject)"

This archive was generated by hypermail 2a23 : Sat Mar 29 2003 - 13:41:42 AKST