Sendmail < 8.12.1 RestrictQueueRun Option Multiple Argument Local DoS
Low Nessus Plugin ID 11087
SynopsisThe remote mail server is vulnerable to a denial of service.
DescriptionThe remote Sendmail server, according to its version number, might be vulnerable to a queue destruction when a local user runs
sendmail -q -h1000
If your system does not allow users to process the queue (which is the default), you are not vulnerable.
Note that this vulnerability is _local_ only.
SolutionUpgrade to Sendmail 8.12.1 or later. As a workaround, do not allow users to process the queue (RestrictQRun option).