RealNews

Sendmail Flaw Threatens Internet Email

Buffer overflow vulnerability could be exploited by hackers to take control of mail servers Malicious hackers could exploit a security flaw to gain control of software responsible for transporting three-quarters of internet email. Details of the buffer overflow vulnerability in Sendmail’s Mail Transfer Agent (MTA) were released yesterday by Sendmail and security firm Internet Security Systems (ISS), which discovered the flaw. Sendmail is the internet’s most popular email handling agent. Between 50 and 75 per cent of all internet email uses Sendmail MTA. A similar exploit in Microsoft’s software was responsible for the Slammer virus spreading so rapidly and slowing down internet traffic in January. Attackers could remotely exploit this vulnerability to gain ‘root’ or ‘superuser’ control of vulnerable Sendmail servers, according to ISS. The vulnerability is especially dangerous because exploits can be delivered by email. Hackers would not need specific knowledge of target servers to be able to launch successful attacks, ISS warned. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.