SMTP problems : Sendmail 8.8.x - 8.8.3 Group Permissions Vulnerability

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.11349

Categoría: SMTP problems

Título: Sendmail 8.8.x - 8.8.3 Group Permissions Vulnerability

Resumen: The remote sendmail server, according to its version number,; allows local users to write to a file and gain group permissions via a .forward or :include: file.

Descripción: Summary:
The remote sendmail server, according to its version number,
allows local users to write to a file and gain group permissions via a .forward or :include: file.

Affected Software/OS:
Sendmail versions 8.8.x through 8.8.3.

Solution:
Update to version 8.8.4 or later, or install a vendor supplied
patch.

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-1999-0129
http://www.cert.org/advisories/CA-1996-25.html

Copyright Copyright (C) 2001 Xue Yong Zhi

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.11349
Categoría:	SMTP problems
Título:	Sendmail 8.8.x - 8.8.3 Group Permissions Vulnerability
Resumen:	The remote sendmail server, according to its version number,; allows local users to write to a file and gain group permissions via a .forward or :include: file.
Descripción:	Summary: The remote sendmail server, according to its version number, allows local users to write to a file and gain group permissions via a .forward or :include: file. Affected Software/OS: Sendmail versions 8.8.x through 8.8.3. Solution: Update to version 8.8.4 or later, or install a vendor supplied patch. CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-1999-0129 http://www.cert.org/advisories/CA-1996-25.html
Copyright	Copyright (C) 2001 Xue Yong Zhi