Sendmail < 8.14.4 SSL Certificate NULL Character Spoofing
Medium Nessus Network Monitor Plugin ID 5293
SynopsisThe remote host is vulnerable to a man-in-the-middle attack.
DescriptionThe remote mail server is running a version of Sendmail earlier than 8.14.4. Such versions are potentially affected by a flaw that my allow an attacker to spoof SSL certificates by using a NULL character in certain certificate fields.
SolutionUpgrade to Sendmail 8.14.4 or later.