Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2087 |
Message | SMTP From comment overflow attempt |
Summary | vulnerability in Sendmail. |
Impact | The remote attacker can gain access to a machine with the credentials of the user running the Sendmail daemon, usually 'root'. |
Detailed Information | A vulnerability exists in the Sendmail MTA daemon that could allow an attacker to gain root access. A programming error allows a buffer overflow to be triggered through the header fields in an SMTP session. Using the '<' and '>' characters in the 'from' field, an attacker can increment a counter to the extent that the buffer exceeds its limit. |
Affected Systems | All systems using Sendmail prior to version 8.12.8 |
Attack Scenarios | The attacker can craft an email message that contains a "from" header with enough sequences of "<>" to cause a counter to exceed its maximum size, thus causing the buffer overflow. |
Ease of Attack | Simple |
Corrective Action | All users of Sendmail should upgrade to the latest non-affected version as soon as possible. |
Additional References | CERT: http://www.cert.org/advisories/CA-2003-07.html, http://www.kb.cert.org/vuls/id/398025; CVE Entry: CAN-2002-1337; Sendmail: http://www.sendmail.org/8.12.8.html |
Rule References | bugtraq: 6991; cve: 2002-1337; url: www.kb.cert.org/vuls/id/398025 |
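
A log-side check for the anomaly described under Attack Scenarios, as an added example: it is not the Snort signature for SID 2087 and not code from Aanval or Sendmail. The threshold of 20 and the function names are assumptions chosen for illustration; the sample messages are constructed.

```python
import re

# Assumption: alert threshold picked for this example; the page gives no number.
ANGLE_PAIR_THRESHOLD = 20


def unfold_headers(raw: bytes) -> list[tuple[str, str]]:
    """Split the header block (everything before the first blank line) into
    (name, value) pairs, joining folded lines that start with space or tab."""
    head = re.split(rb"\r?\n\r?\n", raw, maxsplit=1)[0]
    headers = []
    for line in re.split(rb"\r?\n", head):
        text = line.decode("latin-1")
        if text[:1] in (" ", "\t") and headers:
            # Continuation of the previous header (folded header line).
            name, value = headers[-1]
            headers[-1] = (name, value + " " + text.strip())
        elif ":" in text:
            name, value = text.split(":", 1)
            headers.append((name.strip().lower(), value.strip()))
    return headers


def suspicious_from_headers(raw: bytes, threshold: int = ANGLE_PAIR_THRESHOLD):
    """Return (pair_count, value_length) for every From header whose unfolded
    value contains at least `threshold` '<>' sequences."""
    hits = []
    for name, value in unfold_headers(raw):
        if name == "from":
            pairs = value.count("<>")
            if pairs >= threshold:
                hits.append((pairs, len(value)))
    return hits


# Constructed sample messages (not captured traffic).
BENIGN = (b"From: Alice Example <alice@example.org>\r\n"
          b"To: bob@example.org\r\nSubject: hi\r\n\r\nbody <><><>\r\n")
# Mixed-case header name, value folded so each physical line stays under
# the threshold; only the unfolded header crosses it.
FOLDED = (b"fRoM: " + b"<>" * 15 + b"\r\n\t" + b"<>" * 15 + b"\r\n"
          b"To: bob@example.org\r\n\r\nbody\r\n")

if __name__ == "__main__":
    for label, msg in (("benign", BENIGN), ("folded", FOLDED)):
        print(label, suspicious_from_headers(msg))
```

A hit is an indicator for triage on hosts still running Sendmail older than 8.12.8; the corrective action remains the upgrade listed above.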