PT-2003-2307 · Sendmail+1 · Sendmail.Cf+1

Published

2003-12-31

Updated

2017-07-29

CVE-2003-1362

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions HP-UX versions 11.00 and 11.11

Description The issue is related to the improper configuration of the NOVRFY and NOEXPN options in the sendmail.cf file. This could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.

Recommendations For HP-UX version 11.00, properly configure the NOVRFY and NOEXPN options in the sendmail.cf file to prevent remote attackers from verifying system users and expanding sendmail aliases. For HP-UX version 11.11, properly configure the NOVRFY and NOEXPN options in the sendmail.cf file to prevent remote attackers from verifying system users and expanding sendmail aliases.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16

Related Identifiers

CVE-2003-1362

Affected Products

Hp-Ux

Sendmail.Cf

PT-2003-2307 · Sendmail+1 · Sendmail.Cf+1

CVE-2003-1362

Weakness Enumeration

Related Identifiers

Affected Products

References · 4