Re: [Exim] OT - CERT Advisory - Buffer Overflow in Sendmail

Top Page
Delete this message
Reply to this message
Author: Kevin W. Reed
Date:  
To: exim-users
Subject: Re: [Exim] OT - CERT Advisory - Buffer Overflow in Sendmail
Dennis Davis said:
> Agreed. We're using it for this as well. However the Advisory also
> includes the sentence:
>
> Sendmail contains a vulnerability in its address parsing code. An
> error in the prescan() function could allow an attacker to write
> past the end of a buffer, corrupting memory structures.
>
> so it looks like there's a problem with the parsing of addresses
> in the message headers, not the envelope. This requires rather
> specialised content scanning unless the addresses are easy to pick
> out.
>
> Using:
>
> require verify = header_sender
>
> require verfify = header_syntax
>
> in your acl_smtp_data may give you some protection, but I wouldn't
> count on it.


Actually this turned out to be a lot easier than that. None of those
internal boxes are addressible for email from the outside anyway. They
only can talk between themselves and out the door but the hostname is then
masqarded away and there are no provisions to get return email from the
Internet back to those servers.

Thanks for the info on the require verify = header_syntax though.

--
Kevin W. Reed - TNET Services, Inc.
Mailing List Account
URL: http://www.tnet.com Support Forums: http://www.tnet.com/forum