Release DateDec 30, 2011 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems |
DescriptionThis indicates an attack attempt to exploit a Buffer Overflow vulnerability in Sendmail.Sendmail contains a programming error in the prescan() method due to an improper conversion between a char and an int value. A malicious attacker can exploit this vulnerability to execute arbitrary code against vulnerable systems. |
Affected ProductsSendmail Inc Sendmail Switch 3.0.3 and earlier versions |
Recommended ActionsApply appropriate patch from the vendor or Upgrade to non-vulnerable version if available.http://www.sendmail.com/sm/open_source/download/ |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2003-0161CVE-2003-0694 |
Reference/shttp://www.securityfocus.com/bid/7230 (BugTraq)http://www.securityfocus.com/bid/8641 (BugTraq) |
