How to Buy
This script is Copyright (C) 2003-2014 StrongHoldNet
The remote host has an application that is affected by multiple
smrsh (supplied by Sendmail) is designed to prevent the execution of
commands outside of the restricted environment. However, when
commands are entered using either double pipes (||) or a mixture of
dot and slash characters, a user may be able to bypass the checks
performed by smrsh. This can lead to the execution of commands
outside of the restricted environment.
In addition, a function in headers.c does not properly sanitize input
supplied via the 'Address Field' causing an exploitable buffer
overflow condition. However, Nessus has not checked for this.
Upgrade to Sendmail 8.12.8 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.7
Public Exploit Available : true
Family: SMTP problems
Nessus Plugin ID: 11321 ()
Bugtraq ID: 5845
CVE ID: CVE-2002-1165CVE-2002-1337
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.