[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CERTs sendmail/identd warning of yesterday



Hello,
	I am glad to say that the warning issued by CERT
	on recent boguous IDENT response-genereated hole
	on BSD sendmail does not exist on ZMailer's
	smtpserver.

	Apparently a creative way to feeding boguous
	user-id was able to cause some sort of buffer
	overflows on Sendmail 8.6.x (..10 fixed that),
	and that overflown data was able to cause
	additional havock..

	/Matti Aarnio	<mea@nic.funet.fi> <mea@utu.fi>