(OpenBSD Issues Fix) Sendmail May Crash When Processing Mail with a Long Header
|
|
SecurityTracker Alert ID: 1016754
|
|
SecurityTracker URL: http://securitytracker.com/id?1016754
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Aug 25 2006
|
Impact: Denial of service via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Advisory: OpenBSD Errata
|
Version(s): 8.13.7 and prior versions
|
Description: A vulnerability was reported in Sendmail. A remote user can cause denial of service conditions.
A remote user can send e-mail with specially crafted (and very long) header lines to trigger a "use-after-free" flaw and cause the
target sendmail service to crash.
Moritz Jodeit reported this vulnerability.
[Editor's note: The vendor reported on August
9, 2006 that a potential "crash" had been corrected, but the vendor did not describe the nature of the crash. OpenBSD reported
the security relevant nature of the crash on August 25, 2006.]
|
Impact: A remote user can cause sendmail to crash.
|
Solution: OpenBSD has issued the following fixes:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/005_sendmail3.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/010_sendmail3.patch
|
Vendor URL: www.sendmail.org/releases/8.13.8.html (Links to External Site)
|
Cause: State error
|
Underlying OS: UNIX (OpenBSD)
|
Underlying OS Comments: 3.8, 3.9
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Fri, 25 Aug 2006 15:37:27 -0400
Subject: OpenBSD vulnerability
|
SECURITY FIX: August 25, 2006 All architectures
A potential denial of service problem has been found in sendmail. A message with really
long header lines could trigger a use-after-free bug causing sendmail to crash.
A source code patch exists which remedies this problem.
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/005_sendmail3.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/010_sendmail3.patch
|
|
