Sendmail mail.local Vulnerabilities

The vendor has been notified and the deadlock/LMTP problems were fixed in Sendmail versions 8.10.0 and higher. On Solaris machines, Sendmail 8.10.0 and 8.10.1 are known to be vulnerable to another related attack involving the Content-Length field in the message header.

The Content-Length field header was fixed by Sendmail upgrades:

Eric Allman Sendmail 8.9.3


Privacy Statement
Copyright 2010, SecurityFocus