Sendmail Information for VU#993452

Sendmail fails to appropriately initialize data structures for DNS maps

Status

Affected

Vendor Statement

Please see the vendor statement for VU#993452 at:

http://www.sendmail.org/dnsmap1.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Text of statement for VU#993452 follows:

DNS map problem in 8.12.x before 8.12.9

There is a potential problem in sendmail 8.12.8 and earlier sendmail 8.12.x versions with respect to DNS maps. The bug did not exist in versions before 8.12 as the DNS map type is new to 8.12. The bug was fixed in 8.12.9, released March 29, 2003 but not labeled as a security fix as it wasn't believed to be a security bug:

Properly initialize data structure for dns maps to avoid various
errors, e.g., looping processes. Problem noted by
Maurice Makaay of InterNLnet B.V.

Note that only FEATURE(`enhdnsbl') uses a DNS map. We do not have an assessment of whether this problem is exploitable; however, if you use a DNS map and an 8.12 version older than 8.12.9, then either upgrade (strongly recommended) or apply the trivial patch given below.

This problem has been reported to FreeBSD by Oleg Bulyzhin, see

Here's a quote from the report:

Fix

Use sm_resolve.c coming with sendmail 8.12.9 or use this
patch:

--- sm_resolve.c.orig Fri Jun 28 00:43:24 2002
+++ sm_resolve.c Thu Jul 10 01:21:17 2003
@@ -233,6 +233,7 @@
dns_free_data(r);
return NULL;
}
+ memset(*rr, 0, sizeof(**rr));
(*rr)->rr_domain = sm_strdup(host);
if ((*rr)->rr_domain == NULL)
{
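
Review bot: The added memset at new line 236 carries no comment explaining why the record has to be zeroed, and it sits apart from the allocation of *rr, which lies above the visible context. Suggest a one-line comment tying it to the release note ("properly initialize data structure for dns maps to avoid various errors, e.g., looping processes"), or zeroing at the allocation itself so that no later edit can use *rr in between. It is also worth confirming that the failure block ending in "return NULL;" just above is the NULL check for *rr, because the memset dereferences it unconditionally.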

If you have feedback, comments, or additional information about this vulnerability, please send us email.
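
The two conditions in the vendor statement above (an 8.12.x version older than 8.12.9, and a DNS map in use) can be checked per host. The script below is an added example, not part of this note or of the sendmail.org statement; its function names are hypothetical, and it assumes the caller supplies the version string and that maps are declared in sendmail.cf as "K<name> <class> ..." lines.

```shell
#!/bin/sh
# Added example (not from the advisory): flag hosts that meet both conditions
# named in the vendor statement. Function names are hypothetical.
# Constructed sample of a cf line this looks for:  Kdnsbl dns -R A

# version_affected VERSION -> exit 0 if VERSION is 8.12.x older than 8.12.9
# Accepts plain versions ("8.12.8") and suffixed ones ("8.12.8p1").
version_affected() {
    case "$1" in
        8.12.[0-8]|8.12.[0-8][!0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# uses_dns_map CF_FILE -> exit 0 if the cf declares at least one map of class dns
# Assumption: map declarations are "K" + name, whitespace, class, options.
# Commented-out lines start with "#" and are therefore not matched.
uses_dns_map() {
    grep -Eq '^K[^[:space:]]+[[:space:]]+dns([[:space:]]|$)' "$1"
}

# check_host VERSION CF_FILE -> prints a verdict; exit 0 only when action is needed
check_host() {
    if ! version_affected "$1"; then
        echo "ok: sendmail $1 is outside 8.12.0-8.12.8"
        return 1
    fi
    if ! uses_dns_map "$2"; then
        echo "note: sendmail $1 predates 8.12.9 but $2 declares no dns map"
        return 1
    fi
    echo "ACTION: sendmail $1 with a dns map in $2: upgrade to 8.12.9 or patch sm_resolve.c"
    return 0
}

# Command-line use: script VERSION /path/to/sendmail.cf
if [ "$#" -eq 2 ]; then
    check_host "$1" "$2"
fi
```

Run it with the installed version and the active configuration file as its two arguments; an exit status of 0 means the host matches both conditions.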