Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
Critical Nessus Plugin ID 11316
Synopsis
The remote host has an application that is affected by a buffer overflow vulnerability.
Description
The remote sendmail server, according to its version number, may be affected by a remote buffer overflow allowing remote users to gain root privileges.
Sendmail versions from 5.79 to 8.12.7 are affected.
*** Nessus reports this vulnerability using only
*** the banner of the remote SMTP server. Therefore,
*** this might be a false positive.
Solution
Upgrade to Sendmail version 8.12.8 or later. If you cannot upgrade, apply patches for 8.10-12 here :
NOTE: manual patches do not change the version numbers.
Patched versions of sendmail released by vendors may still be falsely reported as vulnerable.
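The banner-only check described above can be reproduced for triage. The following is an added example, not the Nessus plugin's code. It assumes the common greeting shape `220 <host> ESMTP Sendmail <version>/<config version>; <date>`, and the sample banners are constructed.

```python
import re

# Affected range as stated on this page: 5.79 through 8.12.7, inclusive.
AFFECTED_MIN = (5, 79)
AFFECTED_MAX = (8, 12, 7)

# Assumption: the Sendmail version is the first dotted number after the
# word "Sendmail" in the SMTP greeting; the part after "/" is the config version.
_BANNER_RE = re.compile(r"\bSendmail\s+(\d+(?:\.\d+)+)")


def parse_version(banner):
    """Return the advertised Sendmail version as a tuple of ints, or None."""
    match = _BANNER_RE.search(banner)
    if match is None:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def classify(banner):
    """Classify a greeting using the banner alone.

    'potentially-affected' is deliberately not 'vulnerable': manual patches
    do not change the version number, so the finding needs confirmation
    against the host's package or patch records.
    """
    version = parse_version(banner)
    if version is None:
        return "unknown"  # not Sendmail, or the version is hidden
    if AFFECTED_MIN <= version <= AFFECTED_MAX:
        return "potentially-affected"
    return "not-affected"


# Constructed sample greetings (not captured from real hosts).
SAMPLE_BANNERS = [
    "220 mx1.example.com ESMTP Sendmail 8.12.6/8.12.6; Mon, 3 Mar 2003 10:00:00 GMT",
    "220 mx2.example.com ESMTP Sendmail 8.12.8/8.12.8; Mon, 3 Mar 2003 10:00:01 GMT",
    "220 mx3.example.com ESMTP Sendmail 8.9.3/8.9.3; Mon, 3 Mar 2003 10:00:02 GMT",
    "220 mx4.example.com ESMTP ready",
]


def triage(banners):
    """Map each banner to its classification for a follow-up worklist."""
    return [(banner.split()[1], classify(banner)) for banner in banners]


if __name__ == "__main__":
    for host, status in triage(SAMPLE_BANNERS):
        print(f"{host}: {status}")
```

Hosts marked `potentially-affected` still need their patch level checked locally, and `unknown` hosts are not cleared by this check.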