Denial of Service Vulnerability in Sendmail 8.12.8 and Earlier with enhdnsbl Feature

Denial of Service Vulnerability in Sendmail 8.12.8 and Earlier with enhdnsbl Feature

CVE-2003-0688 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.

Learn more about our Web Application Penetration Testing UK.