Sendmail mail.local Vulnerabilities

Solution:
The vendor has been notified and the deadlock/LMTP problems were fixed in Sendmail versions 8.10.0 and higher. On Solaris machines, Sendmail 8.10.0 and 8.10.1 are known to be vulnerable to another related attack involving the Content-Length field in the message header.

The Content-Length field header was fixed by Sendmail upgrades:


Eric Allman Sendmail 8.9.3


 

Privacy Statement
Copyright 2010, SecurityFocus