Description
The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading.
Product(s):
- Sendmail Sendmail 8.10.1
- Sendmail Sendmail 8.10.2
- Sendmail Sendmail 8.10
- Sendmail Sendmail 8.11
- Sendmail Sendmail 8.11.1
- Sendmail Sendmail 8.11.2
- Sendmail Sendmail 8.11.3
- Sendmail Sendmail 8.11.4
- Sendmail Sendmail 8.11.5
- Sendmail Sendmail 8.11.6
- Sendmail Sendmail 8.11.7
- Sendmail Sendmail 8.12.0
- Sendmail Sendmail 8.12.10
- Sendmail Sendmail 8.12.11
- Sendmail Sendmail 8.12.1
- Sendmail Sendmail 8.12.2
- Sendmail Sendmail 8.12.3
- Sendmail Sendmail 8.12.4
- Sendmail Sendmail 8.12.5
- Sendmail Sendmail 8.12.6
- Sendmail Sendmail 8.12.7
- Sendmail Sendmail 8.12.8
- Sendmail Sendmail 8.12.9
- Sendmail Sendmail 8.12 Beta10
- Sendmail Sendmail 8.12 Beta12
- Sendmail Sendmail 8.12 Beta16
- Sendmail Sendmail 8.12 Beta5
- Sendmail Sendmail 8.12 beta7
- Sendmail Sendmail 8.8.8
- Sendmail Sendmail 8.9.0
- Sendmail Sendmail 8.9.1
- Sendmail Sendmail 8.9.2
- Sendmail Sendmail 8.9.3
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-2070, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-2070 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.