|
Family: Debian Local Security Checks --> Category: infos
[DSA305] DSA-305-1 sendmail Vulnerability Scan
Vulnerability Scan Summary DSA-305-1 sendmail
Detailed Explanation for this Vulnerability Test
Paul Szabo discovered bugs in three scripts included in the sendmail
package where temporary files were created insecurely (expn,
checksendmail and doublebounce.pl). These bugs could allow an
attacker to gain the rights of a user invoking the script
(including root).
For the stable distribution (woody) these problems have been fixed in
version 8.12.3-6.4.
For the old stable distribution (potato) these problems have been fixed
in version 8.9.3-26.1.
For the unstable distribution (sid) these problems have been fixed in
version 8.12.9-2.
We recommend that you update your sendmail package.
Solution : http://www.debian.org/security/2003/dsa-305
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|