Last Updated: 2006-08-29 20:45:42 UTC
by Scott Fendley (Version: 2)
On August 9, 2006, Sendmail.org released version 8.13.8 which addressed a few bugs that were discovered in 8.13.7, and fixed a few other bugs. One particular bug fixes an issue where sendmail would crash due to referencing a variable that had be freed. This flaw can be exploited by crafting a message which very long header lines. I did not see much media attention to this when it was released (in fact I personally missed the note that it had updated). However in the past 24 hours a number of organizations have now posted information about it. ( Oh well, looks like I wasn't the only one that missed it at the time. And I don't think I can necessarily blame it on the students returning to my campus. ;-) )
As this appears to just be a DoS issue, it is our recommendation that if you are using Sendmail based products, please upgrade to 8.13.8 available at Sendmail.org, or contact your vendor for appropriate updates. Also, make sure you are on the appropriate announcement list for any software vendors that you use. Sometimes little security issues can get past even the best of us if we don't visit the local CVS repository, or website on a daily/weekly basis.
I am looking around for appropriate Snort Rules that might detect for this
For More Information:
http://www.openbsd.org/errata.html (August 25 sendmail patch)
ISC Handler On Duty