• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Linuxconf mailconf Module Mail Relay Vulnerability

A vulnerability has been discovered in the mailconf module included with the Linuxconf utility.

It has been reported that a problem exists in the configuration file created by the mailconf module, which could allow remote attackers to use the system's Sendmail server as a mail relay.

Exploitation of this issue could allow an attacker to send email messages outside of the served network. This could result in unauthorized messages being sent from the vulnerable server.

It should be noted that the default configuration file distributed with Sendmail is not vulnerable to this issue. It must have been created by Linuxconf for this vulnerability to be introduced.