OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: unsafe fgets() in sendmail's mail.local
From: Claus Assmann (ca+bugtraqZARDOC.ENDMAIL.ORG)
Date: Tue Apr 25 2000 - 11:10:54 CDT


On Mon, Apr 24, 2000, 3APA3A wrote:
> Topic:
> unsafe fgets() in sendmail's mail.local

> 1. Possibility to insert LMTP commands into e-mail message
> 2. Possibility of deadlock between sendmail and mail.local
> 3. Possibility to corrupt user's mailbox
> 4. Possibility to change e-mail headers of the message in user's
> mailbox

> Vulnerable software:
> Problems 1 and 2: sendmail before 8.10.0 (8.9.3 tested), all
> platforms
> Problems 3 and 4: sendmail 8.10.0 and 8.10.1 (8.10.1 tested)
> under Solaris only

Thanks for the notification and your help to create a patch.
The attached patch will be in the next release of sendmail.

PS: Content-Length: shouldn't be used anyway :-)


  • text/plain attachment: p.m.c