• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sendmail Milter Remote Denial Of Service Weakness

Sendmail is susceptible to a remote denial of service weakness in its milter interface. This issue is due to overly long default timeouts configured for milters.

This issue is demonstrated with ClamAV versions prior to 0.86. Any other milter that utilizes similar operating methods as the older ClamAV milter will also expose this vulnerability in Sendmail.

Depending on the configuration of the milter interface, attackers may either exploit this issue to bypass milters, or to deny further email delivery on affected sites.