Sendmail .forward File Local Privilege Escalation
High Nessus Network Monitor Plugin ID 2010
SynopsisThe remote host is vulnerable to a flaw that allows for the bypassing of authentication.
DescriptionThe sendmail server may be vulnerable to a local privilege escalation vulnerability when using .forward files. A local attacker may use this flaw to escalate privileges up to 'root' level. *** Note that Sun did not increase the version number of Sendmail when patching Solaris 7 and 8, so this might be a false positive.
SolutionUpgrade or patch according to vendor recommendations.