Sendmail ETRN Command DOS Network Vulnerability

Summary

The remote sendmail server, according to its version number, allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.

Solution

Install sendmail version 8.10.1 and higher, or install a vendor supplied patch.

Severity

Classification

CVE CVE-1999-1109

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Alt-N MDaemon SUBSCRIBE Remote Information Disclosure Vulnerability
Sendmail Group Permissions Vulnerability
Check if Mailserver answer to VRFY and EXPN requests
Sendmail custom configuration file
Quick 'n Easy Mail Server SMTP Request Remote Denial Of Service Vulnerability

Sendmail ETRN command DOS

Take action and discover your vulnerabilities