A vulnerability has been discovered in Sendmail, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by a boundary error in "parseaddr.c" that stems from a "char" to "int" conversion problem, which results in Sendmail not correctly handling long email addresses containing the extended ASCII character "0xff". A malicious person can exploit this to cause a buffer overflow by constructing an email with a specially crafted email address.
Successful exploitation can potentially allow execution of arbitrary code on the vulnerable system with the privileges of the sendmail process (typically "root").
Note: Internal vulnerable mail servers are also at risk, since a malicious email can be forwarded by an external, non-vulnerable mail server.
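The "char" to "int" conversion problem described above can be shown in isolation. The following is an added example, not code from Sendmail or from this advisory: the marker NO_CHAR, the helper names and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical in-band marker meaning "no character"; the name and value
 * are assumptions for this example, not taken from parseaddr.c. */
#define NO_CHAR (-1)

/* Constructed sample input: an address-like byte string with two 0xff bytes. */
static const unsigned char SAMPLE[] = {
    'u', 's', 'e', 'r', 0xff, 0xff, '@', 'h', 'o', 's', 't'
};

/* Byte held in a signed char, then converted to int: 0xff sign-extends to -1.
 * The explicit cast makes the result independent of whether plain char is
 * signed on the build platform. */
static int widen_signed(unsigned char b) { return (int)(signed char)b; }

/* Hardened form: widen through unsigned char, so 0xff becomes 255. */
static int widen_unsigned(unsigned char b) { return (int)b; }

/* Count input bytes that become indistinguishable from NO_CHAR after
 * widening. Any check a parser skips for the marker is skipped for these
 * data bytes as well. */
static size_t marker_collisions(const unsigned char *in, size_t n,
                                int (*widen)(unsigned char))
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++) {
        if (widen(in[i]) == NO_CHAR)
            hits++;
    }
    return hits;
}

int main(void)
{
    printf("0xff via signed char:   %d\n", widen_signed(0xff));
    printf("0xff via unsigned char: %d\n", widen_unsigned(0xff));
    printf("collisions (signed):    %zu\n",
           marker_collisions(SAMPLE, sizeof SAMPLE, widen_signed));
    printf("collisions (unsigned):  %zu\n",
           marker_collisions(SAMPLE, sizeof SAMPLE, widen_unsigned));
    return 0;
}
```

When reviewing parsing code for this class of defect, look for "char" values assigned or compared to "int" variables that also carry negative sentinel values, and check that each such conversion goes through "unsigned char".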
The following Sendmail versions have been confirmed vulnerable:
* Sendmail Pro (all versions)
* Sendmail Switch 2.1 prior to 2.1.6
* Sendmail Switch 2.2 prior to 2.2.6
* Sendmail Switch 3.0 prior to 3.0.4
* Sendmail for NT 2.X prior to 2.6.3
* Sendmail for NT 3.0 prior to 3.0.4
* Systems running open-source sendmail versions prior to 8.12.9, including UNIX and Linux systems.
Solution: Some information regarding the vulnerability was disclosed on a public mailing list, before Sendmail.org had released an updated version. Sendmail.org has therefore rushed to issue an updated version, but the various OS vendors have not released any updated packages yet.
Subject: Sendmail Address Parsing Buffer Overflow