CVE-2003-1362

Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hp:bastille:b.02.00.05:*:hp-ux:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*

History

20 Nov 2024, 23:46

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/hp/2003-q1/0033.html - () http://archives.neohapsis.com/archives/hp/2003-q1/0033.html -
References () http://www.securityfocus.com/bid/6878 - Patch () http://www.securityfocus.com/bid/6878 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/11366 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/11366 -

Information

Published : 2003-12-31 05:00

Updated : 2024-11-20 23:46


NVD link : CVE-2003-1362

Mitre link : CVE-2003-1362

CVE.ORG link : CVE-2003-1362


JSON object : View

Products Affected

hp

  • bastille
  • hp-ux
CWE
CWE-16

Configuration