Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Secure Computing Network Security Division Information for VU#146718

Date Notified05/09/2006
Date Modified10/03/2006 04:05:53 AM
Status SummaryNot Vulnerable

Vendor Statement

Sidewinder G2 Security Appliance

Not Vulnerable

The standard defensive coding and configuration practices used on the Sidewinder G2 Security Appliance preve
nt this attack from interrupting the flow of mail through the system. In a standard configuration, attack m
essages will be rejected as invalid without causing an abnormal termination of sendmail. Due to the defensi
ve design of the system, even if an attack message were able to cause an instance of sendmail to terminate,
it would not prevent other messages from being delivered.

As a matter of best practices and defense in depth, the sendmail update will be included in a future patch.

Cyberguard Classic & TSP

Not Vulnerable

Cyberguard Class and TSP do not make use of sendmail for mail delivery.

US-CERT Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information