PT-2003-1515 · Sendmail · Sendmail
Published
2003-05-15
·
Updated
2008-11-11
·
CVE-2003-0308
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Sendmail version 8.12.3
Description:
The issue is related to the insecure creation of temporary files by the Sendmail package. This could allow local users to gain additional privileges through various means, including the expn, checksendmail, or doublebounce.pl scripts.
Recommendations:
For Sendmail version 8.12.3, consider updating to a newer version that securely creates temporary files to prevent local users from gaining additional privileges.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sendmail