[Esd-l] FYI critical sendmail vulnerability
Kenneth Porter
shiva at sewingwitch.com
Mon Mar 3 16:43:57 PST 2003
<http://rhn.redhat.com/errata/RHSA-2003-073.html>
<http://www.cert.org/advisories/CA-2003-07.html>
Note that the problem affects internal servers, not just border servers.
All versions of sendmail below 8.12.8 are vulnerable. The attack takes the
form of a message, not a connection, and the message could potentially
arrive via a trusted peer.
More information about the esd-l
mailing list