Sendmail RestrictQueueRun Option Debug Mode Information Disclosure

medium Nessus Plugin ID 11088

Synopsis

The remote server is vulnerable to information disclosure.

Description

According to the version number of the remote mail server, a local user may be able to obtain the complete mail configuration and other interesting information about the mail queue even if he is not allowed to access those information directly, by running

sendmail -q -d0-nnnn.xxx

where nnnn & xxx are debugging levels.

If users are not allowed to process the queue (which is the default) then you are not vulnerable.

This vulnerability is _local_ only.

Solution

Upgrade to the latest version of Sendmail or do not allow users to process the queue (RestrictQRun option).

Plugin Details

Severity: Medium

ID: 11088

File Name: sendmail_debug_leak.nasl

Version: 1.23

Type: remote

Published: 8/18/2002

Updated: 9/17/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2001-0715

CVSS v3

Risk Factor: Medium

Base Score: 4

Temporal Score: 3.5

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:sendmail:sendmail

Required KB Items: installed_sw/Sendmail

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 10/1/2001

Reference Information

CVE: CVE-2001-0715

BID: 3898