The DNS map code in Sendmail 8.12.8 and previous versions, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote malicious users to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat sendmail 8.12.8-4 |
||
sendmail sendmail 8.12.1 |
||
sendmail sendmail 8.12.8 |
||
sgi irix 6.5.19 |
||
redhat sendmail 8.12.5-7 |
||
sendmail sendmail 8.12.4 |
||
sendmail sendmail 8.12.5 |
||
sendmail sendmail 8.12.2 |
||
sendmail sendmail 8.12.3 |
||
sgi irix 6.5.20 |
||
sgi irix 6.5.21 |
||
sendmail sendmail 8.12.6 |
||
sendmail sendmail 8.12.7 |
||
freebsd freebsd 4.7 |
||
freebsd freebsd 4.8 |
||
compaq tru64 5.0a |
||
freebsd freebsd 5.0 |
||
openbsd openbsd 3.2 |
||
compaq tru64 5.1 |
||
freebsd freebsd 4.6 |