The DNS map code in Sendmail 8.12.8 and earlier, when using the enhdnsbl feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sendmail | Redhat | 8.12.5-7 (including) | 8.12.5-7 (including) |
Sendmail | Redhat | 8.12.8-4 (including) | 8.12.8-4 (including) |
Sendmail | Sendmail | 8.12.1 (including) | 8.12.1 (including) |
Sendmail | Sendmail | 8.12.2 (including) | 8.12.2 (including) |
Sendmail | Sendmail | 8.12.3 (including) | 8.12.3 (including) |
Sendmail | Sendmail | 8.12.4 (including) | 8.12.4 (including) |
Sendmail | Sendmail | 8.12.5 (including) | 8.12.5 (including) |
Sendmail | Sendmail | 8.12.6 (including) | 8.12.6 (including) |
Sendmail | Sendmail | 8.12.7 (including) | 8.12.7 (including) |
Sendmail | Sendmail | 8.12.8 (including) | 8.12.8 (including) |
Irix | Sgi | 6.5.19 (including) | 6.5.19 (including) |
Irix | Sgi | 6.5.20 (including) | 6.5.20 (including) |
Irix | Sgi | 6.5.21 (including) | 6.5.21 (including) |
Red Hat Linux 8.0 | RedHat | * | |
Red Hat Linux 9 | RedHat | * |