J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1545
    posted: 11/19/09
  • NSM Daily Update #1545
    posted: 11/19/09
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1545
    posted: 11/19/09
  • Deep Inspection 5.1 and 5.2 #1435
    posted: 11/19/09
  • Deep Inspection 5.0, 5.3r4 and below #1132
    posted: 03/28/08 (04/01/08 for 5.0)
  • Antivirus
    posted: 11/19/09

Title: Sendmail Header Processing Buffer Overflow Vulnerability

Severity: CRITICAL

Description:

Sendmail is a widely used MTA for UNIX and Microsoft Windows systems.

Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Remote attackers may exploit this vulnerability by connecting to target SMTP servers and transmitting malformed SMTP data.

The overflow condition occurs when Sendmail processes addresses or lists of addresses in fields such as'From:' or 'CC:'. One of the checks to ensure that the addresses are valid is flawed, resulting in a buffer-overflow condition. Successful attackers may exploit this vulnerability to gain root privileges on affected servers remotely.

Reportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid.

Sendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree.

Affected Products:

  • Apple Mac OS X 10.2.0
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X Server 10.2.0
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.3
  • Caldera OpenLinux Server 3.1.0
  • Caldera OpenLinux Server 3.1.1
  • Caldera OpenLinux Workstation 3.1.0
  • Caldera OpenLinux Workstation 3.1.1
  • Compaq Tru64 4.0.0 f PK7 (BL18)
  • Compaq Tru64 4.0.0 g PK3 (BL17)
  • Compaq Tru64 5.0.0 a PK3 (BL17)
  • Compaq Tru64 5.1.0
  • Compaq Tru64 5.1.0 B
  • Compaq Tru64 5.1.0 PK5 (BL19)
  • Compaq Tru64 5.1.0 a
  • Conectiva Linux 6.0.0
  • Conectiva Linux 7.0.0
  • Conectiva Linux 8.0.0
  • Conectiva Linux 9.0.0
  • Conectiva Linux Enterprise Edition 1.0.0
  • Debian Linux 2.2.0
  • Debian Linux 2.2.0 68k
  • Debian Linux 2.2.0 IA-32
  • Debian Linux 2.2.0 alpha
  • Debian Linux 2.2.0 arm
  • Debian Linux 2.2.0 powerpc
  • Debian Linux 2.2.0 sparc
  • Debian Linux 3.0.0
  • Debian Linux 3.0.0 alpha
  • Debian Linux 3.0.0 arm
  • Debian Linux 3.0.0 hppa
  • Debian Linux 3.0.0 ia-32
  • Debian Linux 3.0.0 ia-64
  • Debian Linux 3.0.0 m68k
  • Debian Linux 3.0.0 mips
  • Debian Linux 3.0.0 mipsel
  • Debian Linux 3.0.0 ppc
  • Debian Linux 3.0.0 s/390
  • Debian Linux 3.0.0 sparc
  • FreeBSD FreeBSD 4.4.0
  • FreeBSD FreeBSD 4.5.0
  • FreeBSD FreeBSD 4.5.0 -RELEASE
  • FreeBSD FreeBSD 4.6.0
  • FreeBSD FreeBSD 4.7.0
  • FreeBSD FreeBSD 5.0.0
  • Gentoo Linux 1.4.0 _rc1
  • Gentoo Linux 1.4.0 _rc2
  • HP AlphaServer SC
  • HP HP-UX (VVOS) 11.0.0 4
  • HP HP-UX 10.10.0
  • HP HP-UX 10.20.0
  • HP HP-UX 11.0.0
  • HP HP-UX 11.0.0 4
  • HP HP-UX 11.11.0
  • HP HP-UX 11.22.0
  • HP HP-UX B.11.00
  • HP HP-UX B.11.04
  • HP HP-UX B.11.11
  • HP HP-UX B.11.22
  • HP MPE/iX 6.5.0
  • HP MPE/iX 7.0.0
  • HP MPE/iX 7.5.0
  • IBM AIX 4.3.3
  • IBM AIX 5.1.0
  • IBM AIX 5.2
  • IBM MVS
  • IBM OS/390 V2R10
  • IBM OS/390 V2R8
  • IBM z/OS V1R2
  • IBM z/OS V1R4
  • Immunix Immunix OS 7.0.0
  • MandrakeSoft Corporate Server 2.1.0
  • MandrakeSoft Linux Mandrake 8.0.0
  • MandrakeSoft Linux Mandrake 8.0.0 ppc
  • MandrakeSoft Linux Mandrake 8.1.0
  • MandrakeSoft Linux Mandrake 8.1.0 ia64
  • MandrakeSoft Linux Mandrake 8.2.0
  • MandrakeSoft Linux Mandrake 8.2.0 ppc
  • MandrakeSoft Linux Mandrake 9.0.0
  • NetBSD NetBSD 1.5.0
  • NetBSD NetBSD 1.5.1
  • NetBSD NetBSD 1.5.2
  • NetBSD NetBSD 1.5.3
  • NetBSD NetBSD 1.6.0
  • OpenBSD OpenBSD 3.1
  • OpenBSD OpenBSD 3.2
  • OpenPKG OpenPKG 1.2.0
  • RedHat Linux 6.2.0 i386
  • RedHat Linux 7.0.0
  • RedHat Linux 7.0.0 alpha
  • RedHat Linux 7.0.0 i386
  • RedHat Linux 7.0.0 sparc
  • RedHat Linux 7.1.0
  • RedHat Linux 7.1.0 alpha
  • RedHat Linux 7.1.0 i386
  • RedHat Linux 7.1.0 ia64
  • RedHat Linux 7.2.0 i386
  • RedHat Linux 7.2.0 ia64
  • RedHat Linux 7.3.0 i386
  • S.u.S.E. Linux 7.1.0
  • S.u.S.E. Linux 7.1.0 alpha
  • S.u.S.E. Linux 7.1.0 ppc
  • S.u.S.E. Linux 7.1.0 sparc
  • S.u.S.E. Linux 7.1.0 x86
  • S.u.S.E. Linux 7.2.0
  • S.u.S.E. Linux 7.2.0 i386
  • S.u.S.E. Linux 7.3.0
  • S.u.S.E. Linux 7.3.0 i386
  • S.u.S.E. Linux 7.3.0 ppc
  • S.u.S.E. Linux 7.3.0 sparc
  • S.u.S.E. Linux 8.0.0
  • S.u.S.E. Linux 8.0.0 i386
  • S.u.S.E. Linux 8.1.0
  • SCO Open Server 5.0.4
  • SCO Open Server 5.0.5
  • SCO Open Server 5.0.6
  • SCO Open Server 5.0.6 a
  • SCO Open UNIX 8.0.0
  • SCO Unixware 7.1.1
  • SCO Unixware 7.1.3
  • SGI Freeware 1.0.0
  • SGI IRIX 6.5.0
  • SGI IRIX 6.5.1
  • SGI IRIX 6.5.10
  • SGI IRIX 6.5.10f
  • SGI IRIX 6.5.10m
  • SGI IRIX 6.5.11
  • SGI IRIX 6.5.11f
  • SGI IRIX 6.5.11m
  • SGI IRIX 6.5.12
  • SGI IRIX 6.5.12 f
  • SGI IRIX 6.5.12 m
  • SGI IRIX 6.5.13
  • SGI IRIX 6.5.13 f
  • SGI IRIX 6.5.13 m
  • SGI IRIX 6.5.14
  • SGI IRIX 6.5.14 f
  • SGI IRIX 6.5.14 m
  • SGI IRIX 6.5.15
  • SGI IRIX 6.5.15f
  • SGI IRIX 6.5.15m
  • SGI IRIX 6.5.16
  • SGI IRIX 6.5.16f
  • SGI IRIX 6.5.16m
  • SGI IRIX 6.5.17
  • SGI IRIX 6.5.17f
  • SGI IRIX 6.5.17m
  • SGI IRIX 6.5.18
  • SGI IRIX 6.5.18f
  • SGI IRIX 6.5.18m
  • SGI IRIX 6.5.19
  • SGI IRIX 6.5.2
  • SGI IRIX 6.5.3
  • SGI IRIX 6.5.4
  • SGI IRIX 6.5.5
  • SGI IRIX 6.5.6
  • SGI IRIX 6.5.7
  • SGI IRIX 6.5.7f
  • SGI IRIX 6.5.7m
  • SGI IRIX 6.5.8
  • SGI IRIX 6.5.8f
  • SGI IRIX 6.5.8m
  • SGI IRIX 6.5.9
  • SGI IRIX 6.5.9f
  • SGI IRIX 6.5.9m
  • SOTLinux SOTLinux 2003 Desktop 0.0.0
  • SOTLinux SOTLinux 2003 Server 0.0.0
  • Sendmail Consortium Sendmail 5.59.0
  • Sendmail Consortium Sendmail 5.61.0
  • Sendmail Consortium Sendmail 5.65.0
  • Sendmail Consortium Sendmail 8.10.0
  • Sendmail Consortium Sendmail 8.10.1
  • Sendmail Consortium Sendmail 8.10.2
  • Sendmail Consortium Sendmail 8.11.0
  • Sendmail Consortium Sendmail 8.11.1
  • Sendmail Consortium Sendmail 8.11.2
  • Sendmail Consortium Sendmail 8.11.3
  • Sendmail Consortium Sendmail 8.11.4
  • Sendmail Consortium Sendmail 8.11.5
  • Sendmail Consortium Sendmail 8.11.6
  • Sendmail Consortium Sendmail 8.12.0 .0
  • Sendmail Consortium Sendmail 8.12.0 beta10
  • Sendmail Consortium Sendmail 8.12.0 beta12
  • Sendmail Consortium Sendmail 8.12.0 beta16
  • Sendmail Consortium Sendmail 8.12.0 beta5
  • Sendmail Consortium Sendmail 8.12.0 beta7
  • Sendmail Consortium Sendmail 8.12.1
  • Sendmail Consortium Sendmail 8.12.2
  • Sendmail Consortium Sendmail 8.12.3
  • Sendmail Consortium Sendmail 8.12.4
  • Sendmail Consortium Sendmail 8.12.5
  • Sendmail Consortium Sendmail 8.12.6
  • Sendmail Consortium Sendmail 8.12.7
  • Sendmail Consortium Sendmail 8.8.8
  • Sendmail Consortium Sendmail 8.9.0.0
  • Sendmail Consortium Sendmail 8.9.1
  • Sendmail Consortium Sendmail 8.9.2
  • Sendmail Consortium Sendmail 8.9.3
  • Sendmail Consortium Sendmail Switch 2.1.0
  • Sendmail Consortium Sendmail Switch 2.1.1
  • Sendmail Consortium Sendmail Switch 2.1.2
  • Sendmail Consortium Sendmail Switch 2.1.3
  • Sendmail Consortium Sendmail Switch 2.1.4
  • Sendmail Consortium Sendmail Switch 2.2.0
  • Sendmail Consortium Sendmail Switch 2.2.1
  • Sendmail Consortium Sendmail Switch 2.2.2
  • Sendmail Consortium Sendmail Switch 2.2.3
  • Sendmail Consortium Sendmail Switch 2.2.4
  • Sendmail Consortium Sendmail Switch 3.0.0
  • Sendmail Consortium Sendmail Switch 3.0.1
  • Sendmail Consortium Sendmail Switch 3.0.2
  • Sendmail Consortium Sendmail for NT 2.6.0
  • Sendmail Consortium Sendmail for NT 2.6.1
  • Sendmail Consortium Sendmail for NT 3.0.0
  • Sendmail Consortium Sendmail for NT 3.0.1
  • Sendmail Consortium Sendmail for NT 3.0.2
  • Sendmail Inc Sendmail Advanced Message Server 1.2.0
  • Sendmail Inc Sendmail Advanced Message Server 1.3.0
  • Sendmail Inc Sendmail Switch 2.1.0
  • Sendmail Inc Sendmail Switch 2.1.1
  • Sendmail Inc Sendmail Switch 2.1.2
  • Sendmail Inc Sendmail Switch 2.1.3
  • Sendmail Inc Sendmail Switch 2.1.4
  • Sendmail Inc Sendmail Switch 2.2.0
  • Sendmail Inc Sendmail Switch 2.2.1
  • Sendmail Inc Sendmail Switch 2.2.2
  • Sendmail Inc Sendmail Switch 2.2.3
  • Sendmail Inc Sendmail Switch 2.2.4
  • Sendmail Inc Sendmail Switch 3.0.0
  • Sendmail Inc Sendmail Switch 3.0.1
  • Sendmail Inc Sendmail Switch 3.0.2
  • Sendmail Inc Sendmail for NT 2.6.0
  • Sendmail Inc Sendmail for NT 2.6.1
  • Sendmail Inc Sendmail for NT 3.0.0
  • Sendmail Inc Sendmail for NT 3.0.1
  • Sendmail Inc Sendmail for NT 3.0.2
  • Slackware Linux -current
  • Slackware Linux 8.1.0
  • Sun Cobalt CacheRaQ 4
  • Sun Cobalt ManageRaQ3 3000R-mr
  • Sun Cobalt Qube 3
  • Sun Cobalt Qube3 4000WG
  • Sun Cobalt RaQ 3
  • Sun Cobalt RaQ 4
  • Sun Cobalt RaQ 550
  • Sun Cobalt RaQ XTR
  • Sun Cobalt RaQ XTR 3500R
  • Sun Cobalt RaQ4 3001R
  • Sun LX50
  • Sun Linux 5.0.0
  • Sun Linux 5.0.3
  • Sun Solaris 2.6
  • Sun Solaris 2.6_x86
  • Sun Solaris 7.0
  • Sun Solaris 7.0_x86
  • Sun Solaris 8
  • Sun Solaris 8_x86
  • Sun Solaris 9
  • Sun Solaris 9_x86
  • Wind River Systems BSD/OS 4.2.0
  • Wind River Systems BSD/OS 4.3.1
  • Wind River Systems BSD/OS 5.0.0
  • Wind River Systems Platform SA 1.0.0

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.