The remote sendmail server, according to its version number, allows local users to write to a file and gain group permissions via a .forward or :include: file.
Install sendmail newer than 8.8.4 or install a vendor supplied patch.
- Exim < 4.72 RC2 Multiple Vulnerabilities
- Mail relaying
- Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
- MailEnable 'MESMTRPC.exe' SMTP Service Multiple Remote Denial of Service Vulnerabilities
- Multiple Kerio Products Administration Console File Disclosure and Corruption Vulnerability