Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1278

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1278
Last Modified 10 Sep 2008 03:14:13
Published 12 Nov 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1278

Summary

The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.

Vulnerable Systems

Application

  • Jacques Gelinas Linuxconf 1.2.4r2

  • Jacques Gelinas Linuxconf 1.2.5r3


References

XF - linuxconf-sendmail-mail-relay(10554)

BID - 6118

OSVDB - 6066

CONECTIVA - CLA-2002:544


Last Updated: 27 May 2016 10:37:16