• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sendmail Long Ident Logging Circumvention Weakness

Bugtraq ID:	5770
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Sep 21 2002 12:00AM
Updated:	Sep 21 2002 12:00AM
Credit:	Vulnerability discovery credited to netmask {enZo} <netmask@enz-o.org>.
Vulnerable:	Sendmail Consortium Sendmail 8.12.6 + Apple Mac OS X 10.2.4 + Conectiva Linux Enterprise Edition 1.0 + FreeBSD FreeBSD 5.0 + FreeBSD FreeBSD 4.7 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.0 + OpenBSD OpenBSD 3.2 + S.u.S.E. Linux 8.1 Sendmail Consortium Sendmail 8.12.5 + Conectiva Linux 9.0 + OpenBSD OpenBSD 3.2 Sendmail Consortium Sendmail 8.12.4 + OpenBSD OpenBSD 3.2 + Slackware Linux 8.1 + Slackware Linux -current Sendmail Consortium Sendmail 8.12.3 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + FreeBSD FreeBSD 4.6 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 Sendmail Consortium Sendmail 8.12.2 + Apple Mac OS X 10.2.3 + Apple Mac OS X 10.2.2 + Apple Mac OS X 10.2.1 + Apple Mac OS X 10.2 + Apple Mac OS X Server 10.2.3 + Apple Mac OS X Server 10.2.2 + Apple Mac OS X Server 10.2.1 + Apple Mac OS X Server 10.2 + OpenBSD OpenBSD 3.1 Sendmail Consortium Sendmail 8.12.1 + HP MPE/iX 7.5 + HP MPE/iX 7.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 Sendmail Consortium Sendmail 8.12 .0
Not Vulnerable: