
1631 matches found

FreeBSD Advisory
added 2014/06/03 12:0 a.m., 5 views

FreeBSD-SA-14:11.sendmail

FreeBSD-SA-14:11.sendmail Security Advisory, The FreeBSD Project. Topic: sendmail improper close-on-exec flag handling. Category: contrib. Module: sendmail. Announced:...

AI score: 6
Exploits: 0

Tenable Nessus
added 2014/06/03 12:0 a.m., 58 views

Sendmail < 8.14.9 close-on-exec SMTP Connection Manipulation

The remote mail server is running a version of Sendmail prior to 8.14.9. It is, therefore, affected by a flaw related to file descriptors and the 'close-on-exec' flag that may allow a local attacker to cause unspecified impact on open SMTP connections. (C) Tenable Network Security, Inc...

CVSS: 1.9, AI score: 5.5, EPSS: 0.0063
Exploits: 0, References: 3

FreeBSD
added 2014/06/03 12:0 a.m., 9 views

FreeBSD -- sendmail improper close-on-exec flag handling

Problem Description: There is a programming error in sendmail(8) that prevented open file descriptors from having close-on-exec properly set. Consequently a subprocess will be able to access all open files that the parent process has open. Impact: A local user who can execute their own program for mail...

AI score: 1.1
Exploits: 0

seebug.org
added 2014/05/27 12:0 a.m., 20 views

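Destoon B2B 2014-05-21 latest version CSRF getshell

Brief description: upload issue + CSRF + arbitrary command execution in the admin back end = CSRF getshell. Details: First, the upload issue: the bundled FCK editor does not validate that an uploaded image is legitimate; it only checks the file extension. A SWF file with a .jpg extension can be uploaded to carry out CSRF. Then the back-end command execution: /member/admin/sendmail.inc.php, line 151: default: ifisset$send ifisset$preview && $preview $content = stripslashes$content; if$template if$sendtype == 2 $emails = explode"\n",...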

AI score: 7.1
Exploits: 0

OpenVAS
added 2013/11/20 12:0 a.m., 8 views

IT-Grundschutz M5.019: Use of sendmail's security mechanisms

IT-Grundschutz M5.019: Use of sendmail's security mechanisms. WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now continuously adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.95056. Status: 13th supplementary delivery (13. EL)...

AI score: 0.3
Exploits: 0, References: 1

OpenVAS
added 2013/11/20 12:0 a.m., 11 views

IT-Grundschutz M5.019: Use of sendmail's security mechanisms

IT-Grundschutz M5.019: Use of sendmail's security mechanisms. WARNING: This test is no longer supported. It has been replaced by the corresponding test, which is now continuously adapted to the current EL: OID 1.3.6.1.4.1.25623.1.0.95056. Status: 13th supplementary delivery (13. EL)...

AI score: 7.4
Exploits: 0, References: 1

Tenable Nessus
added 2013/08/13 12:0 a.m., 56 views

AIX 7.1 : bos.net.tcp.client (U858320)

The remote host is missing AIX PTF U858320, which is related to the security of the package bos.net.tcp.client. An AIX system set up with stock sendmail will run arbitrary code through a user's .forward. This applies to sendmailssl and sendmailnossl. (C) Tenable Network Security, Inc...

CVSS: 7.2, AI score: 5.9, EPSS: 0.0037
Exploits: 1, References: 2

Tenable Nessus
added 2013/07/12 12:0 a.m., 27 views

Oracle Linux 4 : sendmail (ELSA-2011-0262)

From Red Hat Security Advisory 2011:0262 : Updated sendmail packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base...

CVSS: 7.5, AI score: 5.4, EPSS: 0.02374
Exploits: 1, References: 2

Tenable Nessus
added 2013/07/12 12:0 a.m., 23 views

Oracle Linux 4 : sendmail (ELSA-2007-0252)

From Red Hat Security Advisory 2007:0252 : Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used Mail...

CVSS: 4.3, AI score: 5.4, EPSS: 0.01986
Exploits: 0, References: 2

Tenable Nessus
added 2013/06/29 12:0 a.m., 28 views

CentOS 4 : sendmail (CESA-2007:0252)

Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used Mail Transport Agent (MTA). MTAs deliver mail from on...

CVSS: 4.3, AI score: 5.4, EPSS: 0.01986
Exploits: 0, References: 2

Packet Storm
added 2013/06/19 12:0 a.m., 24 views

Solaris 10 Patch Cluster File Clobber

File clobbering vulnerability in Solaris 10 patch cluster 3/27/2013 Larry W. Cashdollar @larry0 Hello, The 147147-26 patch creates a CLEANUP file in /tmp that is vulnerable to symlink attacks: The contents of the file created in /tmp are: /sbin/sh:root@dev-unix-sec02 cat CLEANUP...

AI score: 7.4
Exploits: 0

0day.today
added 2013/06/19 12:0 a.m., 21 views

Solaris 10 Patch Cluster File Clobber

Solaris 10 patch cluster suffers from a file clobber vulnerability in /tmp. File clobbering vulnerability in Solaris 10 patch cluster 3/27/2013 Larry W. Cashdollar @larry0 Hello, The 147147-26 patch creates a CLEANUP file in /tmp that is vulnerable to symlink attacks: The contents of the file...

AI score: 6.9
Exploits: 0

Tenable Nessus
added 2013/03/13 12:0 a.m., 27 views

AIX 7.1 TL 1 : bos.net.tcp.client (U852280)

The remote host is missing AIX PTF U852280, which is related to the security of the package bos.net.tcp.client. An AIX system set up with stock sendmail will run arbitrary code through a user's .forward. This applies to sendmailssl and sendmailnossl. (C) Tenable Network Security, Inc...

CVSS: 7.2, AI score: 5.9, EPSS: 0.0037
Exploits: 1, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 32 views

AIX 5.3 TL 11 : sendmail (IZ72837)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 65 views

AIX 6.1 TL 2 : sendmail (IZ72515)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 57 views

AIX 5.3 TL 8 : sendmail (IZ72834)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 56 views

AIX 6.1 TL 3 : sendmail (IZ72510)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 39 views

AIX 5.3 TL 9 : sendmail (IZ72835)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 38 views

AIX 6.1 TL 1 : sendmail (IZ72528)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2

Tenable Nessus
added 2013/01/24 12:0 a.m., 48 views

AIX 5.3 TL 10 : sendmail (IZ72836)

'sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows...

CVSS: 7.5, AI score: 7.7, EPSS: 0.05741
Exploits: 5, References: 2