IBM Information for VU#784980

Sendmail prescan() buffer overflow vulnerability

Status

Affected

Vendor Statement

The AIX Security Team is aware of the issues discussed in CERT Vulnerability Note VU#784980 and CERT Advisory CA-2003-25.

The following APARs will be released to address this issue:

    APAR number for AIX 4.3.3: IY48659 (available approx. 10/03/03)
    APAR number for AIX 5.1.0: IY48658 (available approx. 10/15/03)
    APAR number for AIX 5.2.0: IY48657 (available approx. 10/29/03)
An e-fix will be available shortly. The e-fix will be available from:
This vendor statement will be updated when the e-fix becomes available.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.