Sendmail Information for VU#803539
Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows
Sendmail uses the BIND resolver API, and is commonly linked with the BIND resolver library (libbind). As a result, Sendmail could be leveraged to exploit this vulnerability.
The custom DNS map TXT record handling issue that was fixed in Sendmail 8.12.5 is a different issue, which is described in VU#814627. The default configuration of Sendmail is not vulnerable to VU#814627.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.