Sendmail, the web's most popular email message transfer agent, has released a patch for a 'critical' security vulnerability.
The remotely exploitable vulnerability could allow an attacker to gain control of an unpatched Sendmail server.
Security authority the Cert Coordination Centre warned that "parsing code in Sendmail does not adequately check the length of email addresses. An email message with a specially crafted address could trigger a stack overflow."
The vulnerability could be used to cause a denial-of-service attack and could allow a remote attacker to execute arbitrary code with the privileges of the Sendmail daemon - typically at root level.
"Most organisations have a variety of mail transfer agents [MTAs] at various locations within their network, with at least one exposed to the internet," said Cert.
"Since Sendmail is the most popular MTA, most medium-sized to large organisations are likely to have at least one vulnerable Sendmail server.
"In addition, many Unix and Linux workstations provide a Sendmail implementation that is enabled and running by default."