KDE/Sendmail Updates for Red Hat
Posted on: 09/18/2003 09:41 AM
Two new security updates for Red Hat Linux has been releasedUpdated Sendmail packages fix vulnerability
Updated Sendmail packages that fix a potentially-exploitable vulnerability are now available.Read moreUpdated KDE packages fix security issues
Sendmail is a widely used Mail Transport Agent (MTA) and is included in all Red Hat Linux distributions.
Michal Zalewski found a bug in the prescan() function of unpatched Sendmail versions prior to 8.12.10. The sucessful exploitation of this bug can lead to heap and stack structure overflows. Although no exploit currently exists, this issue is locally exploitable and may also be remotely exploitable. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0694 to this issue.