s700_800 11.22 sendmail(1m) 8.11.1 patch : 

The remote HP-UX host is affected by multiple vulnerabilities :

  - Sendmail Restricted Shell (smrsh) may let local users     bypass restrictions to execute code.

  - A potential security vulnerability has been identified     with HP-UX sendmail, where the vulnerability may be     exploited remotely to gain unauthorized access or create     a denial of service (DoS). References: CERT CA-2003-12.
    (HPSBUX00253 SSRT3531)

  - A potential security vulnerability has been identified     with HP-UX running sendmail, where the vulnerability may     be exploited remotely to gain unauthorized access and     create a Denial of Service (DoS). References: CERT     CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)

s700_800 11.04 (VVOS) sendmail(1m) 8.9.3 patch : 

The remote HP-UX host is affected by multiple vulnerabilities :

  - A potential security vulnerability has been identified     with HP-UX sendmail, where the vulnerability may be     exploited remotely to gain unauthorized access or create     a denial of service (DoS). References: CERT CA-2003-12.
    (HPSBUX00253 SSRT3531)

  - A potential security vulnerability has been identified     with HP-UX running sendmail, where the vulnerability may     be exploited remotely to gain unauthorized access and     create a Denial of Service (DoS). References: CERT     CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)

s700_800 11.00 sendmail(1M) 8.9.3 patch : 

The remote HP-UX host is affected by multiple vulnerabilities :

  - A potential security vulnerability has been identified     with HP-UX running sendmail, where the vulnerability may     be exploited remotely to gain unauthorized access and     create a Denial of Service (DoS). References: CERT     CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)

  - A vulnerability has been identified in sendmail which     may allow a remote attacker to execute arbitrary code.
    References: CVE-2006-0058, US-CERT VU#834865.
    (HPSBUX02108 SSRT061133)

  - A potential security vulnerability has been identified     with HP-UX running sendmail, where the vulnerability     could be exploited remotely to gain unauthorized     privileged access. References: CERT/CC CA-2003-25,     CAN-2003-0681. (HPSBUX00281 SSRT3631)

  - A potential security vulnerability has been identified     with HP-UX sendmail, where the vulnerability may be     exploited remotely to gain unauthorized access or create     a denial of service (DoS). References: CERT CA-2003-12.
    (HPSBUX00253 SSRT3531)

  - A potential security vulnerability has been identified     with HP-UX running sendmail. This vulnerability could     allow a remote user to cause a Denial of Service (DoS).
    (HPSBUX02183 SSRT061243)

The remote Sendmail server, according to its version number, may be affected by a remote buffer overflow allowing remote users to gain root privileges. 

Sendmail versions from 5.79 to 8.12.7 are affected.

*** Nessus reports this vulnerability using only
*** the banner of the remote SMTP server. Therefore,
*** this might be a false positive.

s700_800 11.11 sendmail(1M) 8.9.3 patch : 

The remote HP-UX host is affected by multiple vulnerabilities :

  - A potential security vulnerability has been identified     with HP-UX running sendmail, where the vulnerability     could be exploited remotely to gain unauthorized     privileged access. References: CERT/CC CA-2003-25,     CAN-2003-0681. (HPSBUX00281 SSRT3631)

  - A vulnerability has been identified in sendmail which     may allow a remote attacker to execute arbitrary code.
    References: CVE-2006-0058, US-CERT VU#834865.
    (HPSBUX02108 SSRT061133)

  - A potential security vulnerability has been identified     with HP-UX sendmail, where the vulnerability may be     exploited remotely to gain unauthorized access or create     a denial of service (DoS). References: CERT CA-2003-12.
    (HPSBUX00253 SSRT3531)

  - A potential security vulnerability has been identified     with HP-UX running sendmail. This vulnerability could     allow a remote user to cause a Denial of Service (DoS).
    (HPSBUX02183 SSRT061243)

  - A potential security vulnerability has been identified     with HP-UX running sendmail, where the vulnerability may     be exploited remotely to gain unauthorized access and     create a Denial of Service (DoS). References: CERT     CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)

A vulnerability was discovered in sendmail by Mark Dowd of ISS X-Force that involves mail header manipulation that can result in a remote user gaining root access to the system running the vulnerable sendmail.

Patches supplied by the sendmail development team have been applied to correct this issue. MandrakeSoft encourages all users who have chosen to use sendmail (as opposed to the default MTA, postfix) to upgrade to this version of sendmail immediately.

The remote host is missing AIX Critical Security Patch number IY40501 (SECURITY: buffer overflow in sendmail).

You should install this patch for your system to be up-to-date.

smrsh (supplied by Sendmail) is designed to prevent the execution of commands outside of the restricted environment.  However, when commands are entered using either double pipes (||) or a mixture of dot and slash characters, a user may be able to bypass the checks performed by smrsh.  This can lead to the execution of commands outside of the restricted environment. 

In addition, a function in headers.c does not properly sanitize input supplied via the 'Address Field' causing an exploitable buffer overflow condition.  However, Nessus has not checked for this.

Mark Dowd of ISS X-Force found a bug in the header parsing routines of sendmail: it could overflow a buffer overflow when encountering addresses with very long comments. Since sendmail also parses headers when forwarding emails this vulnerability can hit mail-servers which do not deliver the email as well.

Updated Sendmail packages are available to fix a vulnerability that may allow remote attackers to gain root privileges by sending a carefully crafted message.

[Updated March 18 2003] Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS.

Sendmail is a widely used Mail Transport Agent (MTA) which is included in all Red Hat Enterprise Linux distributions.

During a code audit of Sendmail by ISS, a critical vulnerability was uncovered that affects unpatched versions of Sendmail prior to version 8.12.8. A remote attacker can send a carefully crafted email message which, when processed by sendmail, causes arbitrary code to be executed as root.

We are advised that a proof-of-concept exploit is known to exist, but is not believed to be in the wild.

Since this is a message-based vulnerability, MTAs other than Sendmail may pass on the carefully crafted message. This means that unpatched versions of Sendmail inside a network could still be at risk even if they do not accept external connections directly.

All users are advised to update to these erratum packages which contain a backported patch to correct this vulnerability.

Red Hat would like to thank Eric Allman for his assistance with this vulnerability.

smrsh (supplied by Sendmail) is designed to prevent the execution of commands outside of the restricted environment. However, when commands are entered using either double pipes (||) or a mixture of dot and slash characters, a user may be able to bypass the checks performed by smrsh. This can lead to the execution of commands outside of the restricted environment.

The remote Sendmail server is vulnerable to a remote buffer overflow that may allow an attacker to remotely gain a root shell on this host.

ID	Name	Product	Family	Published	Updated	Severity
16634	HP-UX PHNE_28409 : s700_800 11.22 sendmail(1m) 8.11.1 patch	Nessus	HP-UX Local Security Checks	2/16/2005	1/11/2021	critical
16898	HP-UX PHNE_29526 : s700_800 11.04 (VVOS) sendmail(1m) 8.9.3 patch	Nessus	HP-UX Local Security Checks	2/16/2005	1/11/2021	critical
26133	HP-UX PHNE_35483 : s700_800 11.00 sendmail(1M) 8.9.3 patch	Nessus	HP-UX Local Security Checks	9/25/2007	1/11/2021	critical
11316	Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow	Nessus	SMTP problems	3/3/2003	9/17/2018	critical
26134	HP-UX PHNE_35484 : s700_800 11.11 sendmail(1M) 8.9.3 patch	Nessus	HP-UX Local Security Checks	9/25/2007	1/11/2021	critical
14012	Mandrake Linux Security Advisory : sendmail (MDKSA-2003:028)	Nessus	Mandriva Local Security Checks	7/31/2004	1/6/2021	critical
14612	AIX 5.1 : IY40501	Nessus	AIX Local Security Checks	9/1/2004	1/4/2021	critical
11321	Sendmail 8.8.8 - 8.12.7 Multiple Vulnerabilities (Bypass, OF)	Nessus	SMTP problems	3/5/2003	6/27/2018	critical
15094	Debian DSA-257-1 : sendmail - remote exploit	Nessus	Debian Local Security Checks	9/29/2004	1/4/2021	critical
12372	RHEL 2.1 : sendmail (RHSA-2003:074)	Nessus	Red Hat Local Security Checks	7/6/2004	1/14/2021	critical
2039	Sendmail < 8.12.8 Double Pipe smrsh Bypass Overflow	Nessus Network Monitor	SMTP Servers	8/18/2004	3/6/2019	high
2020	Sendmail < 8.12.8 Header Handling Remote Overflow	Nessus Network Monitor	SMTP Servers	8/18/2004	3/6/2019	high

Detections

Analytics

Plugins Search

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

high

high