Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:086: sendmail Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the sendmail package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:086 (sendmail).
A vulnerability was discovered in all 8.12.x versions of sendmail up to and
including 8.12.8. Due to wrong initialization of RESOURCE_RECORD_T structures,
if sendmail receives a bad DNS reply it will call free() on random addresses
which usually causes sendmail to crash.
These updated packages are patched to fix the problem.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:086
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.