|
Family: Debian Local Security Checks --> Category: infos
[DSA554] DSA-554-1 sendmail Vulnerability Scan
Vulnerability Scan Summary DSA-554-1 sendmail
Detailed Explanation for this Vulnerability Test
Hugo Espuny discovered a problem in sendmail, a commonly used program
to deliver electronic mail. When installing "sasl-bin" to use sasl in
connection with sendmail, the sendmail configuration script use fixed
user/pass information to initialise the sasl database. Any spammer
with Debian systems knowledge could utilise such a sendmail
installation to relay spam.
For the stable distribution (woody) this problem has been fixed in
version 8.12.3-7.1.
For the unstable distribution (sid) this problem has been fixed in
version 8.13.1-13.
We recommend that you upgrade your sendmail package.
Solution : http://www.debian.org/security/2004/dsa-554
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|