| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Mar 2003 20:39:14 -0500 From: "Mordechai T. Abzug" <morty@...kir.org> To: Claus Assmann <ca+bugtraq@...dmail.org> Cc: bugtraq@...urityfocus.com, vulnwatch@...nwatch.org Subject: [VulnDiscuss] Re: sendmail 8.12.8 available On Mon, Mar 03, 2003 at 09:08:09AM -0800, Claus Assmann wrote: > 8.12.8/8.12.8 2003/02/11 > SECURITY: Fix a remote buffer overflow in header parsing by > dropping sender and recipient header comments if the > comments are too long. Problem noted by Mark Dowd > of ISS X-Force. > Fix a potential non-exploitable buffer overflow in parsing the > .cf queue settings and potential buffer underflow in > parsing ident responses. Problem noted by Yichen Xie of > Stanford University Compilation Group. Question: are the header and ident issues *only* remote overflow problems, or is this also a local vulnerability? Ie. if one has a system that doesn't run sendmail in daemon mode (-bd), but does make sendmail available as an SUID root binary for submission to the local smarthost and does run sendmail is queue-process mode (ie. -q15m), is the system still vulnerable? Given that the problem is in the header parsing, I would expect this to be both a remote and a local problem, but I'd like to make sure before doing lots of upgrades. Thanks. - Morty
Powered by blists - more mailing lists