Bugtraq: Re: sendmail 8.12.8 available

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: sendmail 8.12.8 available

From: "Mordechai T. Abzug" <morty () frakir org>
Date: Mon, 3 Mar 2003 20:39:14 -0500

On Mon, Mar 03, 2003 at 09:08:09AM -0800, Claus Assmann wrote:

8.12.8/8.12.8 2003/02/11
      SECURITY: Fix a remote buffer overflow in header parsing by
              dropping sender and recipient header comments if the
              comments are too long.  Problem noted by Mark Dowd
              of ISS X-Force.
      Fix a potential non-exploitable buffer overflow in parsing the
              .cf queue settings and potential buffer underflow in
              parsing ident responses.  Problem noted by Yichen Xie of
              Stanford University Compilation Group.


Question: are the header and ident issues *only* remote overflow
problems, or is this also a local vulnerability?  Ie. if one has a
system that doesn't run sendmail in daemon mode (-bd), but does make
sendmail available as an SUID root binary for submission to the local
smarthost and does run sendmail is queue-process mode (ie. -q15m), is
the system still vulnerable?  Given that the problem is in the header
parsing, I would expect this to be both a remote and a local problem,
but I'd like to make sure before doing lots of upgrades.

Thanks.

- Morty

By Date By Thread

Current thread:

sendmail 8.12.8 available Claus Assmann (Mar 03)
- Re: sendmail 8.12.8 available Florian Weimer (Mar 03)
  - Re: sendmail 8.12.8 available Nico Erfurth (Mar 04)
  - Message not available
    - Re: sendmail 8.12.8 available Bennett Todd (Mar 07)
- Re: sendmail 8.12.8 available Mordechai T. Abzug (Mar 04)
  - Re: sendmail 8.12.8 available Neil W Rickert (Mar 06)