Описание
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
Ссылки
- Exploit
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Exploit
- Vendor Advisory
- PatchThird Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:sun:sunos:4.1.1:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.2:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.3:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.3c:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:4.1.4jl:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00778
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 30 лет назад
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding ho ...
github
больше 3 лет назад
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
EPSS
Процентиль: 73%
0.00778
Низкий
7.2 High
CVSS2
Дефекты
NVD-CWE-Other