From owner-freebsd-security@FreeBSD.ORG  Thu Apr 29 10:46:28 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 644AC16A4CF
	for <freebsd-security@freebsd.org>;
	Thu, 29 Apr 2004 10:46:28 -0700 (PDT)
Received: from smtpout.mac.com (smtpout.mac.com [17.250.248.89])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5260843D60
	for <freebsd-security@freebsd.org>;
	Thu, 29 Apr 2004 10:46:28 -0700 (PDT)	(envelope-from cswiger@mac.com)
Received: from mac.com (smtpin07-en2 [10.13.10.152])
	by smtpout.mac.com (Xserve/MantshX 2.0) with ESMTP id i3THkQle003668;
	Thu, 29 Apr 2004 10:46:26 -0700 (PDT)
Received: from [10.1.1.193] (nfw2.codefab.com [199.103.21.225] (may be
	forged))	(authenticated bits=0)i3THkP3Z012802;
	Thu, 29 Apr 2004 10:46:25 -0700 (PDT)
In-Reply-To: <20040429160357.GA6623@gremlin.timing.com>
References: <20040429160357.GA6623@gremlin.timing.com>
Mime-Version: 1.0 (Apple Message framework v613)
Content-Type: text/plain; charset=US-ASCII; format=flowed
Message-Id: <1F9AF010-9A05-11D8-BC40-003065ABFD92@mac.com>
Content-Transfer-Encoding: 7bit
From: Charles Swiger <cswiger@mac.com>
Date: Thu, 29 Apr 2004 13:46:20 -0400
To: Nick Golder <nrg@timing.com>
X-Mailer: Apple Mail (2.613)
cc: freebsd-security@freebsd.org
Subject: Re: Sendmail issues; possible exploit?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 29 Apr 2004 17:46:28 -0000

On Apr 29, 2004, at 12:03 PM, Nick Golder wrote:
> On a 4.8-RELEASE-p17 machine running Sendmail 8.12.8p2 we are seeing 
> the
> following errors in /var/log/{messages,maillog}:
> sm-mta[50018]: i3TDTBcR050018: SYSERR(root): out of memory: Cannot
> allocate memory

The error message suggests that you're running out of swapspace.  Do 
you have excessive numbers of sendmail processes running, perhaps due 
to someone mail-bombing your server?

There have been security holes fixed in sendmail since 8.12.8, and 
8.12.11 is the most current version.  Some of the fixes have been 
backported to FreeBSD 4.8, (that's what the p2 means), but I'm not sure 
whether your version is completely up-to-date.

-- 
-Chuck