ID de Prueba:	1.3.6.1.4.1.25623.1.0.11316
Categoría:	SMTP problems
Título:	Sendmail 5.79 - 8.12.7 Remote Header Buffer Overflow Vulnerability
Resumen:	The remote Sendmail server, according to its version number,; may be vulnerable to a remote buffer overflow allowing remote users to gain root privileges.
Descripción:	Summary: The remote Sendmail server, according to its version number, may be vulnerable to a remote buffer overflow allowing remote users to gain root privileges. Affected Software/OS: Sendmail versions 5.79 through 8.12.7. Solution: Update to version 8.12.8 or later. If you cannot upgrade, apply patches for 8.10-12 from the linked references. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2001-1349 BugTraq ID: 2794 http://www.securityfocus.com/bid/2794 BindView Security Advisory: 20010528 Unsafe Signal Handling in Sendmail http://razor.bindview.com/publish/advisories/adv_sm8120.html Bugtraq: 20010529 sendmail 8.11.4 and 8.12.0.Beta10 available (fwd) (Google Search) http://www.securityfocus.com/archive/1/187127 RedHat Security Advisories: RHSA-2001:106 http://rhn.redhat.com/errata/RHSA-2001-106.html http://www.iss.net/security_center/static/6633.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1337 AIX APAR: IY40500 http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only AIX APAR: IY40501 http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only AIX APAR: IY40502 http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only BugTraq ID: 6991 http://www.securityfocus.com/bid/6991 Bugtraq: 20030303 Fwd: APPLE-SA-2003-03-03 sendmail (Google Search) http://marc.info/?l=bugtraq&m=104678862109841&w=2 Bugtraq: 20030303 sendmail 8.12.8 available (Google Search) http://marc.info/?l=bugtraq&m=104673778105192&w=2 Bugtraq: 20030304 GLSA: sendmail (200303-4) (Google Search) http://marc.info/?l=bugtraq&m=104678862409849&w=2 Bugtraq: 20030304 [LSD] Technical analysis of the remote sendmail vulnerability (Google Search) http://marc.info/?l=bugtraq&m=104678739608479&w=2 Caldera Security Advisory: CSSA-2003-SCO.5 ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 Caldera Security Advisory: CSSA-2003-SCO.6 ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 http://www.cert.org/advisories/CA-2003-07.html CERT/CC vulnerability note: VU#398025 http://www.kb.cert.org/vuls/id/398025 Conectiva Linux advisory: CLA-2003:571 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 Debian Security Information: DSA-257 (Google Search) http://www.debian.org/security/2003/dsa-257 FreeBSD Security Advisory: FreeBSD-SA-03:04 HPdes Security Advisory: HPSBUX0302-246 http://marc.info/?l=bugtraq&m=104679411316818&w=2 ISS Security Advisory: 20030303 Remote Sendmail Header Processing Vulnerability http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028 NETBSD Security Advisory: NetBSD-SA2003-002 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222 http://www.redhat.com/support/errata/RHSA-2003-073.html http://www.redhat.com/support/errata/RHSA-2003-074.html http://www.redhat.com/support/errata/RHSA-2003-227.html SGI Security Advisory: 20030301-01-P ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P SuSE Security Announcement: SuSE-SA:2003:013 (Google Search) http://www.iss.net/security_center/static/10748.php
Copyright	Copyright (C) 2003 SECNAP Network Security

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.