Skip to main content

ISS Discovers Flaw in Sendmail Server Software

Article Reads:15643

Jack Writes: Internet Security Systems announced that its X-Force research and development team has discovered a serious vulnerability in Sendmail SMTP server software. Sendmail is the most popular mail transfer agent (MTA) on the Internet and is used extensively by large corporations and government agencies to route and deliver email.

In order to exploit this vulnerability, an attacker simply needs to be able to connect to the Sendmail SMTP server over a network. Exploitation of this vulnerability could allow remote attackers to take complete control of affected machines and obtain full access to users' emails, confidential information and other sensitive data on the network.

Sendmail is primarily used in UNIX server environments, although various Windows versions also exist. It is the default MTA for many operating systems. By carefully timing the transmission of malicious data targeting this vulnerability, it is possible for a remote attacker to gain control of the affected system without requiring any user interaction.

By protecting against vulnerabilities rather than known exploits, ISS keeps organizations ahead of Internet threats. Through a multi-layered security approach, ISS' Proventia(R) security products and services provide organizations with comprehensive protection for IT assets from network to host. ISS' Virtual Patch(TM) technology automatically protects organizations from Internet attacks until they are able to obtain, test and apply patches from affected vendors.

The ISS X-Force advisory on this vulnerability can be found here.


Your IP address:

44.211.26.178

All-in-one protection for Microsoft 365

All-in-one protection for Microsoft 365

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Bandwidth Monitor

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Security Podcast

Hornet-Security-The-Swarm-Podcast

Firewall Analyzer

zoho firewall analyzer