US-CERT Vulnerability Notes Database

Sendmail Information for VU#993452

Date Notified:
Date Updated:
Statement Date:
Status Summary: Vulnerable

Vendor Statement

Please see the vendor statement for VU#993452 at:

http://www.sendmail.org/dnsmap1.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Text of statement for VU#993452 follows:


DNS map problem in 8.12.x before 8.12.9

There is a potential problem in sendmail 8.12.8 and earlier sendmail 8.12.x versions with respect to DNS maps. The bug did not exist in versions before 8.12 as the DNS map type is new to 8.12. The bug was fixed in 8.12.9, released March 29, 2003 but not labeled as a security fix as it wasn't believed to be a security bug:

Properly initialize data structure for dns maps to avoid various
errors, e.g., looping processes. Problem noted by
Maurice Makaay of InterNLnet B.V.

Note that only FEATURE(`enhdnsbl') uses a DNS map. We do not have an assessment whether this problem is exploitable, however, if you use a DNS map and an 8.12 version older than 8.12.9, then either upgrade (strongly recommended) or apply the trivial patch given below.

This problem has been reported to FreeBSD by Oleg Bulyzhin, see

Here's a quote from the report:

Fix

Use sm_resolve.c coming with sendmail 8.12.9 or use this patch:

--- sm_resolve.c.orig Fri Jun 28 00:43:24 2002
+++ sm_resolve.c Thu Jul 10 01:21:17 2003
@@ -233,6 +233,7 @@
dns_free_data(r);
return NULL;
}
+ memset(*rr, 0, sizeof(**rr));
(*rr)->rr_domain = sm_strdup(host);
if ((*rr)->rr_domain == NULL)
{
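
Review bot: The added memset(*rr, 0, sizeof(**rr)) line has no comment saying why the record must be cleared before rr_domain is assigned, so a later cleanup could remove it as redundant. A one-line comment noting that the other fields of the record *rr points to are otherwise left uninitialized (the 8.12.9 release note ties this to looping processes) would make the intent clear. The hunk covers only this one site in sm_resolve.c; it is worth confirming that no other path in the file sets up the same structure without clearing it first.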


Produced 2009 by US-CERT, a government organization