| VID |
18043 |
| Severity |
40 |
| Port |
25 |
| Protocol |
TCP |
| Class |
SMTP |
| Detailed Description |
The Sendmail server, according to its version number, has a buffer overflow vulnerability in its DNS handling code. Sendmail is a freely available, open source Mail Transport Agent (MTA). It is available for most Unix and Linux operating systems. Sendmail versions 8.12.4 and earlier are vulnerable to a buffer overflow in the code that handles DNS responses. When a configuration file specifies a DNS (Domain Name System) map using a TXT record, a remote attacker can cause an overly long string to be returned from a malicious nameserver, which could overflow a buffer and allow the attacker to execute arbitrary code on the system with root privileges. The Sendmail Consortium has stated that this vulnerability is not present in Sendmail configurations in which the DNS map option that can trigger the exposure is not enabled.
* Note: For the following reasons, this may or may not be considered a security risk in your environment (i.e., it may be a false positive): 1. This check relied solely on the version number of the remote Sendmail server to assess this vulnerability. 2. The version number of the Sendmail server is based on the standard Sendmail distribution released by the Sendmail Consortium.
* Platforms Affected: Sendmail 8.12.4 and earlier; Linux: any version; Unix: any version
* References: http://online.securityfocus.com/bid/5122, http://www.iss.net/security_center/static/9443.php |
| Recommendation |
Upgrade to the latest version of Sendmail (8.12.5 or later), available from the Sendmail Web site, http://www.sendmail.org/8.12.5.html |
| Related URL |
CVE-2002-0906 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|