BugTraq
sendmail 8.12.8 available Mar 03 2003 05:08PM
Claus Assmann ca+bugtraq@sendmail.org (ca+bugtraq sendmail org) (2 replies)
Re: sendmail 8.12.8 available Mar 04 2003 01:39AM
Mordechai T. Abzug (morty frakir org) (1 replies)
On Mon, Mar 03, 2003 at 09:08:09AM -0800, Claus Assmann wrote:

> 8.12.8/8.12.8 2003/02/11
> SECURITY: Fix a remote buffer overflow in header parsing by
> dropping sender and recipient header comments if the
> comments are too long. Problem noted by Mark Dowd
> of ISS X-Force.
> Fix a potential non-exploitable buffer overflow in parsing the
> .cf queue settings and potential buffer underflow in
> parsing ident responses. Problem noted by Yichen Xie of
> Stanford University Compilation Group.

Question: are the header and ident issues *only* remote overflow
problems, or is this also a local vulnerability? Ie. if one has a
system that doesn't run sendmail in daemon mode (-bd), but does make
sendmail available as an SUID root binary for submission to the local
smarthost and does run sendmail is queue-process mode (ie. -q15m), is
the system still vulnerable? Given that the problem is in the header
parsing, I would expect this to be both a remote and a local problem,
but I'd like to make sure before doing lots of upgrades.

Thanks.

- Morty

[ reply ]
Re: sendmail 8.12.8 available Mar 04 2003 11:14PM
Neil W Rickert rickert+bt (at) cs.niu (dot) edu [email concealed] (rickert+bt cs niu edu)
Re: sendmail 8.12.8 available Mar 03 2003 05:26PM
Florian Weimer (Weimer CERT Uni-Stuttgart DE) (1 replies)
Re: sendmail 8.12.8 available Mar 04 2003 05:21PM
Nico Erfurth (masta perlgolf de)


 

Privacy Statement
Copyright 2010, SecurityFocus