Summary
The remote sendmail server, according to its version number, allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
Solution
Install sendmail version 8.10.1 and higher, or
install a vendor supplied patch.
Severity
Classification
-
CVE CVE-1999-1109 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Microsoft Windows SMTP Server DNS spoofing vulnerability
- Microsoft Windows SMTP Server MX Record Denial of Service Vulnerability
- Sendmail Group Permissions Vulnerability
- Check if Mailserver answer to VRFY and EXPN requests
- MailEnable 'MESMTRPC.exe' SMTP Service Multiple Remote Denial of Service Vulnerabilities