This script is Copyright (C) 2003-2014 StrongHoldNet
The remote host has an application that is affected by multiple
smrsh (supplied by Sendmail) is designed to prevent the execution of
commands outside of the restricted environment. However, when
commands are entered using either double pipes (||) or a mixture of
dot and slash characters, a user may be able to bypass the checks
performed by smrsh. This can lead to the execution of commands
outside of the restricted environment.
In addition, a function in headers.c does not properly sanitize input
supplied via the 'Address Field' causing an exploitable buffer
overflow condition. However, Nessus has not checked for this.
Upgrade to Sendmail 8.12.8 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true