The program sendmail
has been in the
News again and again due to vulnerabilities. Concerning the number of
vulnerabilities, the last months there were not too many.
So a safe use of this software is possible - if it's configured
and the latest version is used.
At the moment, the latest version is
A lower version than 8.13.17
should absolutely not be used because of vulnerabilities!
Since version 8.10.x these vulnerabilities have been fixed:
Version 8.11.2 has some corrections of (Minor-) bugs und among others
improvements for using LDAP.
- Due to a change in treating signals when communicating with
other MTAs, the possibility of race conditions is reduced.
- A race condition has been fixed in version 8.11.4.
- In version 8.11.5 problems with oversized parameters for
Debugging have been found.
- Due to a local exploit, local users have access to the
mail queue in version 8.12.0.
- Version 8.12.3 fixes some bugs found in 8.12.0 to 8.12.2.
This version fixes some bugs e.g. with MIME. Compared with version
there is an improvement in performance and security.
- Version 8.12.4
fixes a problem concerning
which has been reasoned by improper permissions.
a potential buffer overflow has been fixed. It occurred in a part of
program, which has never been executed when sendmail is configured as
- Version 8.12.6
solves a problem concerning sendmail acting as an open mail relay, if
FallbackMXhost and FEATURE(`relay_based_on_MX') were configured in
parallel. Additionally, some minor bugs have been fixed.
- Version 8.12.7
solves the problem with smrsh, published in December 2002. Fixes for
BIND are included, too.
- Version 8.12.8
has been published in March 2003 because all known versions show a
buffer overflow when working on the headers. So attackers could gain
administrative rights remotely.
- At the end of March 2003
has been published.
The reason is a remote exploitable buffer overflow in all earlier
It happens when the IP address data are changed to integer numbers.
- In the middle of September 2003
has been published due to a buffer overflow in the function prescan()
all earlier versions.
To gain unauthorized access to a system, only an E-Mail with
header is necessary.
- In the middle of March 2006
has been published due to a race condition in asynchron signal handling
which can be used for a remote root exploit.
- In the middle of June 2006
has been published due to a possible crash caused by consumption of all memory in the stack segement
during conversion from MIME 8-bit to 7-bit.
This can be used for a denial-of-service.
The latest version and patches are available by Anonymous FTP
Each new versions lowers the number of known vulnerabilities and bugs
Further information about sendmail is available in the web: www.sendmail.org
Also some News Groups are discussing this topic: e.g. comp.mail.sendmail
(For following this link you will need access to your News Server).
For an easy installation and configuration by using a browser a commercial version
of sendmail is available.
By the way: To find out the version running on
your system, you only need this command:
sendmail -d0 -bt < /dev/null | grep Version