aru Posted August 26, 2003 Report Share Posted August 26, 2003 MandrakeSoft Security Advisory MDKSA-2003:086 : sendmail August 26th, 2003 Updated sendmail packages fix vulnerability A vulnerability was discovered in all 8.12.x versions of sendmail up to and including 8.12.8. Due to wrong initialization of RESOURCE_RECORD_T structures, if sendmail receives a bad DNS reply it will call free() on random addresses which usually causes sendmail to crash. These updated packages are patched to fix the problem. The released versions of Mandrake GNU/Linux affected are: 8.2 [*] 9.0 [*] Corporate Server 2.1 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:086 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0688 http://www.sendmail.org/dnsmap1.html http://www.freebsd.org/cgi/query-pr.cgi?pr=bin/54367 Posted automatically by aru (mdksec2mub v0.0.6) Link to comment Share on other sites More sharing options...
Recommended Posts