icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Sendmail < 8.7.6 GECOS Field Local Overflow DoS

High

Synopsis

The remote host is vulnerable to a flaw that allows attackers to retrieve sensitive files or data.

Description

The remote Sendmail server has a buffer overflow and a denial of service vulnerability in the way it uses the GECOS fields. A local attacker may exploit this flaw to escalate privileges on this host and gain a root shell.

Solution

Upgrade to Sendmail 8.7.6 or higher.