IBM Information for VU#897604
Sendmail address parsing buffer overflow
- Vendor Information Help Date Notified: 29 Mar 2003
- Statement Date:
- Date Updated: 24 Jun 2003
The AIX operating system is vulnerable to sendmail buffer overflow attack mentioned in CERT Advisory CA-2003-12 and CERT Vulnerability Note VU# 897604.
An efix is available from:
The APAR numbers and availability dated for this issue are as follows:
- APAR number for AIX 4.3.3: IY42629 (available approx. 05/07/2003)
APAR number for AIX 5.1.0: IY42630 (available approx. 04/28/2003)
APAR number for AIX 5.2.0: IY42631 (available approx. 04/28/2003)
For more information please contact your AIX Support Center.
The vendor has not provided us with any further information regarding this vulnerability.
IBM z/OS - OS/390 - MVS systems are also affected (PQ72696):
If you have feedback, comments, or additional information about this vulnerability, please send us email.