icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Sendmail 'decode' Alias Arbitrary File Overwrite

Medium

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote Sendmail server may pipe email sent to the 'decode' alias to a program, which is prone to various security issues.

Solution

Remove the 'decode' entry from /etc/aliases.