diff options
| author | Bruce A. Mah <bmah@FreeBSD.org> | 2003-03-03 18:20:00 +0000 |
|---|---|---|
| committer | Bruce A. Mah <bmah@FreeBSD.org> | 2003-03-03 18:20:00 +0000 |
| commit | f5bc71ea34fa6e02674a518e356c4584d495dc2b (patch) | |
| tree | e2c1707cc9970485a5c0ca2b67bb9c6c530b33aa | |
| parent | 9e3377a3354bbb46bf10d19c933c13ccde682db1 (diff) | |
Notes
| -rw-r--r-- | release/doc/en_US.ISO8859-1/errata/article.sgml | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/release/doc/en_US.ISO8859-1/errata/article.sgml b/release/doc/en_US.ISO8859-1/errata/article.sgml index 64b9d47a4915..964722fc1e27 100644 --- a/release/doc/en_US.ISO8859-1/errata/article.sgml +++ b/release/doc/en_US.ISO8859-1/errata/article.sgml @@ -133,6 +133,14 @@ given in security advisory <ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:03.syncookies.asc">FreeBSD-SA-03:03</ulink>.</para> + <para>Due to a buffer overflow in header parsing, a remote + attacker could create a specially crafted message that may cause + <application>sendmail</application> to execute arbitrary code + with the privileges of the user running sendmail, typically + <username>root</username>. More information, including pointers + to patches, can be found in security advisory <ulink + url="ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:04.sendmail.asc">FreeBSD-SA-03:04</ulink>.</para> + </sect1> <sect1 id="late-news"> |