All errata/p7/ALT-PU-2014-1723-1
ALT-PU-2014-1723-1

Package update sendmail in branch p7

Version8.14.9-alt0.M70T.1
Task#120646
Published2014-06-04
Max severityLOW
Severity:

Closed issues (2)

BDU:2015-00683
LOW1.9

Уязвимость программного обеспечения SendMail SMTP Server, позволяющая злоумышленнику нарушить конфиденциальность защищаемой информации

Published: 2016-07-06Modified: 2016-11-28
CVSS 2.0LOW 1.9
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N
References
CVE-2014-3956
LOW1.9

The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.

Published: 2014-06-04Modified: 2025-04-12
CVSS 2.0LOW 1.9
CVSS:2.0/AV:L/AC:M/Au:N/C:P/I:N/A:N
References