Security Portal

Intrusion Prevention Service

Signature Version: 4.1044


SMTP Sendmail Header Processing Buffer Overflow
Threat Level: Critical
Release Date: 2006/11/8
Category: Buffer Overflow
Signature ID: 1050336
Included In:
Affected OS: Linux
Description: This vulnerability is message-oriented as opposed to connection-oriented. That means that the vulnerability is triggered by the contents of a specially-crafted email message rather than by lower-level network traffic. This is important because an MTA that does not contain the vulnerability will pass the malicious message along to other MTAs that may be protected at the network level. In other words, vulnerable sendmail servers on the interior of a network are still at risk, even if the site's border MTA uses software other than sendmail. Also, messages capable of exploiting this vulnerability may pass undetected through many common packet filters or firewalls.
Impact: This vulnerability may allow an attacker to gain the privileges of the sendmail daemon, typically root.
Recommendation: Please off-line the victim host and patch the system or software which exists vulnerabilities immediately.
False Positive: None
False Negative: None
Additional Information (Links open in new window):
Reference(s): MISC:CA-2003-07; CVE-2002-1337

Search the Threat Database
Enter Rule ID or Name