potential denial of service problem in sendmail.

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

potential denial of service problem in sendmail.

Brad Smith-14
A potential denial of service problem has been found in sendmail.
A malformed MIME message could trigger excessive recursion which
will lead to stack exhaustion. This denial of service attack only
affects delivery of mail from the queue and delivery of a malformed
message. Other incoming mail is still accepted and delivered.
However, mail messages in the queue may not be reattempted if a
malformed MIME message exists.

Patches for the respective releases:
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.9/common/003_sendmail2.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/008_sendmail2.patch