Sendmail contains a buffer overflow vulnerability in code that parses email addresses. This vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Sendmail is a widely used mail transfer agent (MTA). There is a buffer overflow vulnerability in code that parses email addresses.
When processing email messages, sendmail creates tokens from address elements (user, host, domain). The code that performs this function (prescan() in parseaddr.c) contains a vulnerability that could allow a remote attacker to overwrite memory structures and execute arbitary code. The attacker could exploit this vulnerability using an email message with a specially crafted address. Such a message could be passed through MTAs that are not vulnerable.
A remote attacker could execute arbitrary code with the privileges of the Sendmail process, typically root. The attacker may also be able to cause a denial of service.
This vulnerability was discovered by Michal Zalewski.