Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Sendmail 'decode' Alias Arbitrary File Overwrite

Medium

Synopsis

The remote host is vulnerable to a flaw that allows for the bypassing of authentication.

Description

The remote Sendmail server may pipe email sent to the 'decode' alias to a program, which is prone to various security issues.

Solution

Remove the 'decode' entry from /etc/aliases.