Sun Microsystems Inc. Information for VU#784980

Sendmail prescan() buffer overflow vulnerability



Vendor Statement

Sun acknowledges that our versions of sendmail on Solaris releases 7, 8 and 9 are affected by this issue. The affected versions of sendmail are 8.11.7+Sun (and earlier) on S7 and S8, and 8.12.9+Sun (and earlier) on S9. The new versions with the fix will be 8.11.7p1+Sun on S7 and S8, and 8.12.10+Sun on S9.

A Sun Alert for this issue will be issued soon and will be available from:


Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.