[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
CERTs sendmail/identd warning of yesterday
Hello,
I am glad to say that the warning issued by CERT
on recent boguous IDENT response-genereated hole
on BSD sendmail does not exist on ZMailer's
smtpserver.
Apparently a creative way to feeding boguous
user-id was able to cause some sort of buffer
overflows on Sendmail 8.6.x (..10 fixed that),
and that overflown data was able to cause
additional havock..
/Matti Aarnio <mea@nic.funet.fi> <mea@utu.fi>