Remote Sendmail Header Processing Vulnerability
Results 1 to 2 of 2

Thread: Remote Sendmail Header Processing Vulnerability

  1. #1
    Member
    Join Date
    Nov 2002
    Posts
    32

    Remote Sendmail Header Processing Vulnerability

    Synopsis:
    ISS X-Force has discovered a buffer overflow vulnerability in the Sendmail Mail Transfer Agent (MTA). Sendmail is the most common MTA and has been documented to handle between 50% and 75% of all Internet email traffic.

    Impact:
    Attackers may remotely exploit this vulnerability to gain "root" or superuser control of any vulnerable Sendmail server. Sendmail and all other email servers are typically exposed to the Internet in order to send and receive Internet email. Vulnerable Sendmail servers will not be protected by legacy security devices such as firewalls and/or packet filters. This vulnerability is especially dangerous because the exploit can be delivered within an email message and the attacker doesn't need any specific knowledge of the target to launch a successful attack.

    http://www.issadvisor.com/viewtopic.php?t=162
    ISS you are the besthttp://www.issadvisor.com/images/personal/pisson.gifbecause you piss on the rest

    [gloworange]www.issadvisor.com [/gloworange]

  2. #2
    Member
    Join Date
    Nov 2002
    Posts
    32

    Post News

    just *some of the news on this

    ISS finds root exploit in Sendmail
    http://www.geek.com/news/geeknews/20...0305018955.htm

    Dangerous flaw found in popular e-mail software
    http://www.denverpost.com/Stories/0,...0%257E,00.html

    E-mail transfer program has flaw
    http://www.bayarea.com/mld/mercuryne...ss/5311389.htm

    CERT Center Warns of Sendmail Flaw
    http://thewhir.com/marketwatch/cer030403.cfm

    Flaw in e-mail software makes traffic vulnerable
    http://www.taipeitimes.com/News/biz/...3/03/05/196879

    Tech Firms, Government Get Friendly Over Sendmail
    http://www.washingtonpost.com/wp-dyn...-2003Mar4.html

    Email security flaw triggers global worm watch
    http://www.newscientist.com/news/news.jsp?id=ns99993456

    Sendmail flaw threatens internet email
    http://www.vnunet.com/News/1139199

    Mail Server Flaw Could Spawn Slammer II
    http://www.pcworld.com/news/article/0,aid,109639,00.asp

    Patching Sendmail: The Clock Is Ticking
    http://www.newsfactor.com/perl/story/20904.html

    Security Experts Warn Of E-Mail Software Flaw
    http://www.internetwk.com/breakingNe...icleID=7400141

    Major Internet vulnerability discovered in e-mail protocol
    http://www.computerworld.com/securit...,78991,00.html

    Security flaw in major e-mail system discovered
    http://www.forbes.com/technology/new...rtr895366.html
    ISS you are the besthttp://www.issadvisor.com/images/personal/pisson.gifbecause you piss on the rest

    [gloworange]www.issadvisor.com [/gloworange]

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •