Sendmail vulnerabilities


Summary

Assorted sendmail vulnerabilities.

The problems

With almost every sendmail version that was built before February 1998, a malicious user can gain unauthorized privileges by exploiting newlines in command-line arguments or in the process environment or in buffer overflow attacks. Intruders need not have access to an account on your system to exploit this problem.

Another exploit involves using sendmail to generate a buffer overflow in the syslog facility.

Fix

Other tips

CVE Reference(s):