Sendmail < 8.12.10 prescan() Function Remote Overflow
Critical Nessus Plugin ID 11838
Synopsis
The remote mail server is prone to multiple buffer overflow attacks.
Description
According to its version number, the remote Sendmail server is between 5.79 and 8.12.9. Such versions are reportedly vulnerable to remote buffer overflow attacks, one in the 'prescan()' function and another involving its ruleset processing. A remote user may be able to leverage these issues to gain root privileges.
Solution
Upgrade to Sendmail version 8.12.10 or later.
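
The version-range check described above, written as an added example for triaging banners from your own mail hosts; it is not the Nessus plugin's code. It assumes the common greeting shape `220 host ESMTP Sendmail 8.12.9/8.12.9; date`, and the sample banners are constructed. Like the plugin, it only reads the advertised version, so a vendor build with backported fixes can still be flagged.

```python
import re

# Range stated in the description: 5.79 through 8.12.9 inclusive.
LOW, HIGH = (5, 79), (8, 12, 9)

# Assumed banner shape; the first dotted number after "Sendmail" is the
# binary version (the part after "/" is the config file version).
_BANNER = re.compile(r"\bSendmail\s+(\d+(?:\.\d+)+)", re.IGNORECASE)


def parse_version(banner):
    """Return the advertised Sendmail version as a tuple of ints, or None."""
    m = _BANNER.search(banner)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def _pad(version, width=3):
    """Right-pad with zeros so (5, 79) compares as (5, 79, 0)."""
    return tuple(version) + (0,) * (width - len(version))


def in_reported_range(banner):
    """True/False if the banner version is inside 5.79..8.12.9.

    Returns None when no Sendmail version is advertised, which means
    "unknown", not "safe": banners can be hidden or rewritten.
    """
    version = parse_version(banner)
    if version is None:
        return None
    return _pad(LOW) <= _pad(version) <= _pad(HIGH)


# Constructed sample banners (not captured from real hosts).
SAMPLES = [
    "220 mx1.example.test ESMTP Sendmail 8.12.9/8.12.9; Mon, 1 Jan 2001",
    "220 mx2.example.test ESMTP Sendmail 8.12.10/8.12.10; Mon, 1 Jan 2001",
    "220 mx3.example.test ESMTP Sendmail 8.12.9+Sun/8.12.9; Mon, 1 Jan 2001",
    "220 mx4.example.test ESMTP ready",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(in_reported_range(line), "<-", line)
```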