SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   Sendmail Vendors:   Sendmail Consortium
(OpenBSD Issues Fix for 3.2) Re: Sendmail Buffer Overflow in Parsing Addresses May Let Remote or Local Users Execute Arbitrary Code With Root Privileges
SecurityTracker Alert ID:  1006420
SecurityTracker URL:  http://securitytracker.com/id/1006420
CVE Reference:   CVE-2003-0161   (Links to External Site)
Date:  Mar 31 2003
Impact:   Execution of arbitrary code via local system, Execution of arbitrary code via network, Root access via local system, Root access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 8.12.8 and prior versions
Description:   A buffer overflow vulnerability was reported in Sendmail in the address parsing code. A remote or local user could cause arbitrary code to be executed with root privileges.

The flaw reportedly resides in 'parseaddr.c' in a char to int variable conversion. Data received from untrusted sources, potentially including e-mail addresses or DNS domain names, that contain extended ASCII characters and that are longer than a certain size may be able to trigger the flaw and cause code to be executed.

The vendor is reporting this as a "critical security problem."

The vendor credits Michal Zalewski for reporting the flaw.

Impact:   A remote or local user could cause arbitrary code to be executed with root privileges.
Solution:   OpenBSD has issued a patch for OpenBSD 3.2:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/014_sendmail.patch

Vendor URL:  www.sendmail.org/8.12.9.html (Links to External Site)
Cause:   Boundary error
Underlying OS:  UNIX (OpenBSD)
Underlying OS Comments:  3.2

Message History:   This archive entry is a follow-up to the message listed below.
Mar 29 2003 Sendmail Buffer Overflow in Parsing Addresses May Let Remote or Local Users Execute Arbitrary Code With Root Privileges



 Source Message Contents

Subject:  OpenBSD 3.2 sendmail patch


SECURITY FIX: March 31, 2003

A buffer overflow in the address parsing in sendmail(8) may allow an attacker to gain root
privileges.
A source code patch exists which remedies the problem:

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/014_sendmail.patch


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC