Note: This is an archival copy of Security Sun Alert 200765 as previously published on
Latest version of this security advisory is available from as Sun Alert 1000588.1.
Article ID : 1000588.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2003-09-23
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Sun Linux 5.0 sendmail(1M) Buffer Overflow Vulnerability


Release Phase

Sun Cobalt Qube 3 Server
Sun Cobalt RaQ XTR Server
Sun Cobalt RaQ 4 Server
Sun Cobalt RaQ 550 Server

Bug Id

Date of Resolved Release


A buffer overflow vulnerability in the sendmail(1M) daemon within the prescan() function may allow a local or remote unprivileged user to execute arbitrary code.

For more information on this issue, please see:

Contributing Factors

This issue can occur in the following releases:

Sun Linux:

  • Sun Linux 5.0 with sendmail versions 8.11.6-3 or earlier

Sun Cobalt:

  • Qube3 with sendmail versions 8.10.2-C4stackguard or earlier
  • RaQ4 with sendmail versions 8.10.2-C4stackguard or earlier
  • RaQ550 with sendmail versions 8.11.6-1C6stackguard or earlier
  • RaQXTR with sendmail versions 8.11.6-1C6stackguard or earlier

The sendmail(1M) package version can be determined by running the following command:

    # rpm -qa | grep -i sendmail


There are no reliable symptoms that would show the described issue has been exploited.


Until patches can be applied, sites may wish to disable sendmail(1M).

To see if sendmail is enabled:

    # /sbin/chkconfig --list sendmail
sendmail 0:off 1:off 2:off 3:on 4:on 5:on 6:off

To disable sendmail for all the run levels:

    # /sbin/chkconfig --del sendmail

Please see the man page for chkconfig(8) for more information.


Sun Linux patches are available at:

Patches for Qube3, RaQ4, RaQ 550, RaQ XTR are available at:

Modification History
Date: 30-SEP-2003
  • Updated Relief/Workaround

Date: 12-APR-2005
  • State: Resolved
  • Updated Resolution section

This solution has no attachment