Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [ MDKSA-2006:104 ] - Updated sendmail packages fix remotely exploitable vulnerability

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Thu, 15 Jun 2006 12:14:13 +0400
Dear security () mandriva com,

smc>  References:
 
smc>  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173

Description  Unspecified  vulnerability  in HP Tru64 UNIX 4.0F PK8 up to
5.1B-3  and  HP  Internet  Express  for Tru64 UNIX 6.3 through 6.5, when
running  Sendmail,  might  allow  remote  attackers to cause a denial of
service or execute arbitrary code. NOTE: as of 20060607, due to the lack
of  details,  it  is  not  publicly  known  whether this issue is within
Sendmail itself, and/or if it is specific to HP.

smc>  http://www.cert.org/advisories/146718

Error 404.

www.sendmail.org

Recent News

    * Sendmail 8.13.7 is available (2006-06-14); it contains a fix for a potential denial of service problem caused by 
excessive recursion which leads to stack exhaustion when attempting delivery of a malformed MIME message.

    Does Somebody have details?

-- 
~/ZARAZA
http://www.security.nnov.ru/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: