The vulnerability affects the following products, which have sendmail enabled and listening for remote connections:
* Avaya S87x0, S8500, and S8300 Media Servers (versions prior to CM 2.0)
The following products include sendmail, but do not have it enabled by default:
* Avaya S87x0, S8500, and S8300 Media Servers (CM 2.0 up to CM 3.1)
* Avaya SIP Enablement Services (All versions)
* Converged Communication Server (All versions)
* Avaya Intuity LX (All versions)
* Avaya Messaging Storage Server (All versions)
* Avaya Message Networking (All versions)
Solution: The vendor recommends restricting local and network access to vulnerable servers.
Original Advisory: http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Avaya Products Sendmail Signal Handling Memory Corruption
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.