Microsoft KB Archive/817350

= Buffer Overflow in Sendmail =

Article ID: 817350

Article Last Modified on 10/11/2005

-

APPLIES TO


 * Microsoft Windows Services for UNIX 3.0 Standard Edition

-





SYMPTOMS
The Interix sendmail program contains two vulnerabilities that can permit a a denial-of-service condition or allow an intruder to gain control of a vulnerable sendmail server.



RESOLUTION
A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next version that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the fix. For a complete list of Microsoft Product Support Services phone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

The global version of this fix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time    Size       File name ---  03-Apr-2003  21:39   1,294,469  Sendmail



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.



MORE INFORMATION
For more information about the sendmail vulnerability, visit the following CERT Coordination Center Web site and look under Advisories and Incident Notes:

CA-2003-07 &quot;Remote Buffer Overflow in Sendmail&quot;

CA-2003-12 &quot;Buffer Overflow in Sendmail&quot;

http://www.cert.org

Keywords: kbqfe kbhotfixserver KB817350

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.