icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Sendmail .forward File Local Privilege Escalation

High

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The sendmail server may be vulnerable to a local privilege escalation vulnerability when using .forward files. A local attacker may use this flaw to escalate privileges up to 'root' level. *** Note that Sun did not increase the version number of Sendmail when patching Solaris 7 and 8, so this might be a false positive.

Solution

Upgrade or patch according to vendor recommendations.