Bugtraq mailing list archives
Sendmail 8.9.3
From: patrick () PINE NL (Patrick Oonk)
Date: Tue, 9 Feb 1999 17:55:16 +0100
Hi all,
Sendmail 8.9.3 has been silently released a few days ago.
It can be found at www.sendmail.org
8.9.3/8.9.3 99/02/04
SECURITY: Limit message headers to a maximum of 32K bytes (total
of all headers in a single message) to prevent a denial of
service attack. This limit will be configurable in 8.10.
Problem noted by Michal Zalewski of the "Internet for Schools" project (IdS).
Patrick
--
: Patrick Oonk - http://patrick.mypage.org/ - patrick () pine nl :
: Pine Internet B.V. Consultancy, installatie en beheer :
: Tel: +31-70-3111010 - Fax: +31-70-3111011 - http://www.pine.nl/ :
: -- Pine Security Digest - http://security.pine.nl/ (Dutch) ---- :
: "unix is voor types zonder sociaal leven..." - Patrick van Eijk :
Current thread:
- Re: remote exploit on pine 4.10 - neverending story?, (continued)
- Re: remote exploit on pine 4.10 - neverending story? Thomas Roessler (Feb 08)
- Re: remote exploit on pine 4.10 - neverending story? John D. Hardin (Feb 08)
- Possible Security Problem: Fake PGP Key Ben Laurie (Feb 08)
- ISS Internet Scanner Cannot be relied upon for conclusive Audits Mr. joej (Feb 07)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive blkadder () VALUE NET (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive BVE (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Jim Trocki (Feb 11)
- How scanners actually work David LeBlanc (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 08)
- Sendmail 8.9.3 Patrick Oonk (Feb 09)