Update Protection against Sendmail Header Processing Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2009-293 | |
| Date Published: | ||
| Severity: | ||
| Source: | SecurityFocus ID: 6991 | |
| Industry Reference(s): | CVE-2002-1337 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Sendmail 5.2 to 8.12.7 | ||
| Vulnerability Description A buffer overflow vulnerability exists in Sendmail. Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail-transfer and -delivery methods, including the Simple Mail Transfer Protocol (SMTP). A remote attacker may exploit this vulnerability to gain control of a vulnerable sendmail server. |
||
|
Vulnerability Details The vulnerability is due to an error in the Sendmail SMTP header parsing component. An attacker may trigger this issue by sending a specially crafted mail message that contains a formatted address field to a vulnerable server. Successful exploitation of this vulnerability will allow the attacker to take control over the affected Sendmail server. |
Protection Overview
This protection will detect and block specially crafted mail messages attempting to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.