Subject: Advisories on recent Sendmail and Postfix vulnerabilities?
To: None <email@example.com>
From: Kai Puolamaki <firstname.lastname@example.org>
Date: 10/02/2003 12:24:57
The Sendmail shipping with NetBSD 1.6.1 has a buffer overflow in the
address parsing that may be remotedly exploitable.¹ The fix seems to
have been committed to CVS on 18 September 2003. Shouldn't there be a
security advisory on this...?
(There is also a remote denial of service vulnerability in Postfix²
under non-default configuration shipping with 1.6.1. The vulnerability
has been fixed in CVS on 19 August 2003 but no advisory has been