📄 sendmail_custom_config.nasl
字号:
# This script was written by Michel Arboi <arboi@alussinan.org>## GPL## References:# From: "Michal Zalewski" <lcamtuf@echelon.pl># To: bugtraq@securityfocus.com# CC: sendmail-security@sendmail.org# Subject: RAZOR advisory: multiple Sendmail vulnerabilitiesif(description){ script_id(11086); script_bugtraq_id(3377); script_cve_id("CVE-2001-0713"); script_version ("$Revision: 38 $"); name["english"] = "Sendmail custom configuration file"; name["francais"] = "Fichier de configuration sp閏ifique de sendmail"; script_name(english:name["english"], francais:name["francais"]); desc["english"] = "The remote sendmail server, according to its version number,may be vulnerable to a 'Mail System Compromise' when auser supplies a custom configuration file.Although the mail server is suppose to run as a lambda user, a programming error allows the local attacker to regain the extra dropped privileges and run commands as root.Solution : upgrade to the latest version of SendmailRisk factor : HighNote : This vulnerability is _local_ only"; desc["francais"] = "Le serveur sendmail distant, d'apr鑣 son num閞o de version,est vuln閞able lorsqu'un utilisateur fournit un fichier de configuration sp閏ifique.Bien que le serveur soit cens⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -