A serious buffer overflow vulnerability announced last week in Sendmail is ripe to be exploited by targeted attacks, but it is also possible for a worm writer to write malicious code that exploits the security hole. No one can say whether a worm writer will create malware that targets the Sendmail flaw, but it is possible, experts said. The pervasiveness of the flaw and of Sendmail usage are strong reasons to be wary of the potential for such a worm. . . .
A serious buffer overflow vulnerability announced last week in Sendmail is ripe to be exploited by targeted attacks, but it is also possible for a worm writer to write malicious code that exploits the security hole. No one can say whether a worm writer will create malware that targets the Sendmail flaw, but it is possible, experts said. The pervasiveness of the flaw and of Sendmail usage are strong reasons to be wary of the potential for such a worm.

Conservative estimates say that Sendmail, an open-source mail transport engine, handles between 50% to 75% of all Internet e-mail traffic. Most versions of the application, which can run on Unix, Linux and Windows, are susceptible to the buffer overflow vulnerability.

An attacker could exploit the flaw in a targeted way by sending an e-mail message with a specially crafted header. The buffer is static, so if an attacker sends a certain size chunk of data, then some would spill over and run on the affected system.

The link for this article located at Search Security is no longer available.