Debian GNU/Linux Sendmail Default SASL Password

high Nessus Plugin ID 14832


The remote SMTP server has an account with a default password.


The remote host is running a Sendmail server with a default SASL password of 'sendmail' / 'sendmailpwd'. A spammer may use this account to use the remote server as a spam relay for the internet.


Disable this account or secure it with a strong password.

See Also

Plugin Details

Severity: High

ID: 14832

File Name: debian_sasl_default_pwd.nasl

Version: 1.16

Type: remote

Published: 9/28/2004

Updated: 7/10/2018

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 5.8


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:debian:debian_linux

Excluded KB Items: global_settings/supplied_logins_only

Exploit Ease: No exploit is required

Vulnerability Publication Date: 9/28/2004

Reference Information

CVE: CVE-2004-0833

BID: 11262