[SECURITY] Fedora 19 Update: sendmail-8.14.7-2.fc19

The Sendmail program is a very widely used Mail Transport Agent MTA. MTAs send mail from one machine to another. Sendmail is not a client program, which you use to read your email. Sendmail is a behind-the-scenes program which actually moves your email over networks or the Internet to where you...

openSUSE Security Update : sendmail (openSUSE-SU-2014:0804-1)

sendmail was updated to properly close file descriptors before executing programs. These security issues were fixed : - Not properly closing file descriptors before executing programs CVE-2014-3956. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

Fedora Update for sendmail FEDORA-2014-7093

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sendmail transport arbitrary shell execution

More info at http://blog.swiftmailer.org/post/88660759928/security-fix-swiftmailer-5-2-1-released...

Sendmail transport arbitrary shell execution

More info at http://blog.swiftmailer.org/post/88660759928/security-fix-swiftmailer-5-2-1-released...

[SECURITY] Fedora 20 Update: sendmail-8.14.8-2.fc20

The Sendmail program is a very widely used Mail Transport Agent MTA. MTAs send mail from one machine to another. Sendmail is not a client program, which you use to read your email. Sendmail is a behind-the-scenes program which actually moves your email over networks or the Internet to where you...

openSUSE Security Update : cron (openSUSE-SU-2011:0452-1)

Cronie does not drop all privileges before calling sendmail. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update cron-4495. The text description of this plugin is C SUSE LLC...

Fedora 20 : sendmail-8.14.8-2.fc20 (2014-7093)

This is an update that fixes bug which can lead to sendmail leaking file descriptors to processes it spawns. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as...

[slackware-security] sendmail

New sendmail packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/sendmail-8.14.9-i486-1slack14.1.txz: Upgraded. This release fixes one security related bug by properly...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : sendmail (SSA:2014-156-04)

New sendmail packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-156-04. The text...

DEBIAN-CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

Code injection

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

UBUNTU-CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

CVE-2014-3956

CVE-2014-3956 affects sendmail up to version 8.14.9, where the sm_close_on_exec function in conf.c has its arguments in the wrong order, causing FD_CLOEXEC flags not to be set. This can allow local users to access unintended high-numbered file descriptors via a custom mail-delivery program. The c...

CVE-2014-3956

The smcloseonexec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FDCLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program...

FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:11.sendmail Security Advisory The FreeBSD Project Topic: sendmail improper close-on-exec flag handling Category: contrib Module: sendmail Announced: 2014-06-...