Sendmail Multi-Part MIME Message Handling Denial of Service vulnarability

Published: 2006-06-15
Last Updated: 2006-06-15 13:05:13 UTC
by Kevin Hong (Version: 1)
0 comment(s)

The new Sendmail vulnerability reported and is cause due to an error in the termination of the recursive "mime8to7()" function when performing MIME conversions. It can be exploited to cause a certain sendmail process to crash when it runs out of stack space while processing a deeply nested malformed MIME message. It can be exploited by malicious people to cause a DoS (Denial of Service). You can apply patch or upgrade to 8.13.7 version.

Affected Version : 8.13.6 and prior.

The additional vulnerability information can be found following sites.

0 comment(s)


Diary Archives