|
All Categories The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CAN-2002-1337.Category: SMTP |
IPS Alert Level | ||
Low |
Medium |
High |
Home | Products | Applications | Markets | Support | How to Buy | Channel Partners | Company | ||
Comprehensive Internet Security ® 2003 SonicWALL, Inc. | Privacy Statement |