Red Hat, Inc. Information for VU#146718

Sendmail fails to handle malformed multipart MIME messages

Status

Affected

Vendor Statement

Red Hat distributes Sendmail in all Red Hat Enterprise Linux releases. By default on Red Hat Enterprise Linux, Sendmail is configured to only accept connections from the local host. Therefore, only users who have configured Sendmail to listen to remote hosts would be remotely vulnerable to this denial of service issue.

Updated Sendmail packages will shortly be available along with our advisory at the URL below. At the same time users of the Red Hat Network will be able to update their systems using the 'up2date' tool.

https://rhn.redhat.com/errata/RHSA-2006-0515.html

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

None

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.