Slashdot Mirror


Buffer Overflow in Sendmail

ChiefArcher writes "On the footsteps of openssh, Sendmail 8.12.10 has just been released due to a buffer overflow in address parsing. Sendmail states this is potentially remotely exploitable. No updates on the Sendmail site yet, but the FTP site has the release notes."

1 of 478 comments (clear)

  1. Sendmail is a joke by retro128 · · Score: 1, Redundant

    The first thing I do when I install a Linux distro is wipe out sendmail. Running it is simply asking to be broken into. It is old, full of holes, and far past its prime. Why people still run it, I do not know...but it's probably for the same reason they still run BIND.

    The alternatives I prefer to these veritable blocks of swiss cheese are qmail and djbdns (tinydns)

    --
    -R