FreeBSD : FreeBSD -- sendmail improper close-on-exec flag handling (6d9eadaf-6007-11e6-a6c3-14dae9d210b8)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

There is a programming error in sendmail(8) that prevented open file
descriptors have close-on-exec properly set. Consequently a subprocess
will be able to access all open files that the parent process have
open. Impact : A local user who can execute their own program for mail
delivery will be able to interfere with an open SMTP connection.

See also :

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 3.7
CVSS Temporal Score : 3.2
Public Exploit Available : false

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 92901 ()

Bugtraq ID: 67791


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now