Skip to main content
CNN EditionTechnology
The Web    CNN.com     
Powered by
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
SERVICES
 
 
 
SEARCH
Web CNN.com
powered by Yahoo!

Security flaw puts e-mail at risk


Story Tools

RELATED
• Fixes for the vulnerability are available, free of charge, at Sendmail's Web site  by applying a patch or upgrading to the latest version of Sendmail.external link

SEATTLE, Washington (Reuters) -- The most widely used program for transferring e-mail between computer networks has a security flaw that could allow attackers to disrupt the flow of e-mail and intercept messages, the program's developer said Monday.

The security flaw does not directly affect desktop personal computers but puts e-mail and information sent over the Internet at risk, privately held Sendmail Inc. of Emeryville, California and Internet security provider Internet Security Systems Inc. said in a joint statement. Atlanta-based ISS said that Sendmail, which is estimated to handle as much as three-quarters of all Internet e-mail traffic, has a flaw that could allow attackers to gain top-level access to e-mail servers to stop e-mail traffic and read messages.

Not exploited

The companies said that it did not appear that the flaw had been exploited by hackers to date.

The flaw in Sendmail also makes it vulnerable to high volumes of data traffic, which could allow a malicious worm program to propagate and slow down global Web traffic, much like the "SQL Slammer" attack that slowed Internet traffic worldwide in late January.

ISS said in a statement that the vulnerability "especially dangerous" because an attacker doesn't need any specific knowledge of the target and can exploit the flaw via an e-mail message.

All commercial versions of Sendmail, as well as open-source versions from 5.79 and above are vulnerable, the companies said. Any Sendmail programs based on open source, which can be copied and modified freely, are also at risk.



Copyright 2003 Reuters. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Story Tools
Subscribe to Time for $1.99 cover
Top Stories
Burgers, lattes and CD burners
Top Stories
CNN/Money: Security alert issued for 40 million credit cards
 
 
 
 

International Edition
CNN TV CNN International Headline News Transcripts Advertise With Us About Us
SEARCH
   The Web    CNN.com     
Powered by
© 2005 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines. Contact us.
external link
All external sites will open in a new browser.
CNN.com does not endorse external sites.
 Premium content icon Denotes premium content.
Add RSS headlines.