Vulnerability: Sendmail

A remotely exploitable vulnerability in sendmail could allow an attacker to gain control of a vulnerable sendmail server. Address parsing code in sendmail does not adequately check the length of email addresses. An email message with a specially crafted address could trigger a stack overflow.

Affected systems:

* Sendmail Pro (all versions)
* Sendmail Switch 2.1 prior to 2.1.6
* Sendmail Switch 2.2 prior to 2.2.6
* Sendmail Switch 3.0 prior to 3.0.4
* Sendmail for NT 2.X prior to 2.6.3
* Sendmail for NT 3.0 prior to 3.0.4
* Systems running open-source sendmail versions prior to 8.12.9, including UNIX and Linux systems.

For more information, see http://www.cert.org/advisories/CA-2003-12.html.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CERT AustraliaSendMail

Show Comments