Vulnerability Note VU#3278
SunOS versions of sendmail use popen to return undeliverable mail
Older versions of sendmail (circa 1995) incorrectly used popen to process certain arguments.
There is a problem with the way that older (circa 1995) versions of Sun Microsystems, Inc.'s sendmail process the -oR option. This problem has been verified as existing in the version of sendmail that is in SunOS 4.1.X, including patches 100377-19 (for SunOS 4.1.3), 101665-04 (for SunOS 4.1.3_U1), and 102423-01 (for SunOS 4.1.4).
The -oR option specifies the host, called the mail hub, to which mail should be forwarded when a user on a client of that hub receives mail. This host can be identified with the -oR option on the command line as
Local users can obtain root access.
Upgrade to the most recent version of sendmail.
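The note does not show how the option value reaches popen, so the following is an added illustration of the general fix for this class of bug, not code from sendmail or from this advisory. popen() hands its command string to /bin/sh, so a privileged program that needs to pipe a message to a helper can validate the operator-supplied host name and use fork/execve instead; the function names, the allow-list rule and the fixed PATH value are assumptions made for the example.

```c
#include <ctype.h>
#include <signal.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper (added example): allow-list check for a mail hub name.
 * Letters, digits, '-' and '.', not starting with '-' (would read as an
 * option) or '.'. Returns 1 if the name is acceptable, 0 otherwise. */
int valid_mail_hub(const char *host)
{
    size_t n = host ? strlen(host) : 0;
    if (n == 0 || n > 255 || host[0] == '-' || host[0] == '.')
        return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)host[i]) && host[i] != '-' && host[i] != '.')
            return 0;
    return 1;
}

/* Hypothetical helper: write `body` to the stdin of the program at absolute
 * `path`, like popen(cmd, "w") but with no /bin/sh, so argv strings are
 * passed verbatim. Returns the child's exit status, or -1 on error. */
int pipe_to_program(const char *path, char *const argv[], const char *body)
{
    static char *const clean_env[] = { "PATH=/usr/bin:/bin", NULL };
    size_t len = strlen(body), off = 0;
    int fds[2], status;
    ssize_t w;
    pid_t pid;

    if (path == NULL || path[0] != '/' || pipe(fds) < 0)
        return -1;
    if ((pid = fork()) < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                      /* child: pipe becomes stdin */
        close(fds[1]);
        if (fds[0] != STDIN_FILENO && dup2(fds[0], STDIN_FILENO) < 0)
            _exit(127);
        execve(path, argv, clean_env);   /* fixed environment for the child */
        _exit(127);
    }
    close(fds[0]);
    void (*old)(int) = signal(SIGPIPE, SIG_IGN); /* child may exit early */
    while (off < len && (w = write(fds[1], body + off, len - off)) > 0)
        off += (size_t)w;
    close(fds[1]);
    signal(SIGPIPE, old);
    if (waitpid(pid, &status, 0) < 0 || off < len || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}
```

A caller would reject the request when valid_mail_hub() returns 0 and only then place the host name in its own argv slot for pipe_to_program().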
Systems Affected

| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Sun Microsystems Inc. | Affected | - | 04 Jun 2003 |
Thanks to 8lgm for reporting this vulnerability.
This document was written by Larry Rogers and Shawn Hernan.
- CVE IDs: Unknown
- CERT Advisory: CA-1995-11
- Date Public: 24 Aug 95
- Date First Published: 04 Jun 2003
- Date Last Updated: 04 Jun 2003
- Severity Metric: 0.84
- Document Revision: 3