Sendmail Insecure Temporary File Privilege Escalation Vulnerability

Bugtraq ID: 7614
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: May 16 2003 12:00AM
Updated: May 16 2003 12:00AM
Credit: Discovery is credited to Paul Szabo.
Vulnerable: Sendmail Consortium Sendmail 8.12.9
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.3
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ FreeBSD FreeBSD 4.6
+ S.u.S.E. Linux 8.0 i386
+ S.u.S.E. Linux 8.0
Sendmail Consortium Sendmail 8.9.3
+ Compaq Tru64 5.1 PK5 (BL19)
+ Compaq Tru64 5.0 a PK3 (BL17)
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ IBM AIX 4.3.3
+ SGI IRIX 6.5.19
+ SGI IRIX 6.5.18 m
+ SGI IRIX 6.5.18 f
+ SGI IRIX 6.5.17 m
+ SGI IRIX 6.5.17 f
+ SGI IRIX 6.5.16 m
+ SGI IRIX 6.5.16 f
+ SGI IRIX 6.5.15 m
+ SGI IRIX 6.5.15 f
+ SGI IRIX 6.5.14 m
+ SGI IRIX 6.5.14 f
+ SGI IRIX 6.5.13 m
+ SGI IRIX 6.5.13 f
+ SGI IRIX 6.5.12 m
+ SGI IRIX 6.5.12 f
+ SGI IRIX 6.5.11 m
+ SGI IRIX 6.5.11 f
+ SGI IRIX 6.5.10 m
+ SGI IRIX 6.5.10 f
+ SGI IRIX 6.5.9 m
+ SGI IRIX 6.5.9 f
+ SGI IRIX 6.5.8 m
+ SGI IRIX 6.5.8 f
+ SGI IRIX 6.5.7 m
+ SGI IRIX 6.5.7 f
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus