This host has Sendmail installed and is prone to a mail relay vulnerability.
Successful exploitation will allow attackers to send email messages outside of the served network. This could result in unauthorized messages being sent from the vulnerable server.
Impact Level: Application/System
Upgrade to Linuxconf version 1.29r1 or later. For updates refer to http://www.solucorp.qc.ca/linuxconf/
For IBM AIX, apply the patch from the link below: ftp://aix.software.ibm.com/aix/efixes/security/sendmail_3_mod.tar.Z
The flaw is due to an error in the mailconf module in Linuxconf, which generates the Sendmail configuration file (sendmail.cf) and configures Sendmail to run as an open mail relay, allowing remote attackers to send spam email.
Linuxconf versions 1.24 r2, 1.2.5 r3
Linuxconf versions 1.24 r2, 1.2.5 r3 on Conectiva Linux 6.0 through 8
IBM AIX versions 4.3, 4.3.1, 4.3.2, 4.3.3, 5.1, 5.1 L, 5.2
- Ipswitch IMail Server Multiple Local Privilege Escalation Vulnerabilities
- GNU glibc Remote Heap Buffer Overflow Vulnerability (Exim)
- IceWarp Merak Mail Server 'Base64FileEncode()' Stack-Based Buffer Overflow Vulnerability
- Generic SMTP overflows
- Sendmail 8.8.8 to 8.12.7 Double Pipe Access Validation Vulnerability