HighCheck or Attack Name: smtpexec
The sendmail program allows commands to be remotely executed. An attacker can gain access through sendmail and execute commands on the system.
Obtain and install a patch from your vendor for the sendmail pipe bug, or obtain and install a newer version of sendmail available at http://www.sendmail.org or from ftp://ftp.cs.berkeley.edu/ucb/sendmail. For specific patch IDs and detailed information, see the appropriate manufacturer or CERT Advisory listed in the References.
CERT Advisory CA-96.20, Sendmail Vulnerabilities, http://www.cert.org/advisories/CA-96.20.sendmail_vul.html
CERT Advisory CA-96.24, Sendmail Daemon Mode Vulnerability, http://www.cert.org/advisories/CA-96.24.sendmail.daemon.mode.html
Hewlett-Packard Security Bulletin HPSBUX9602-029, Security Vulnerability in HP-UX syslog(3) subroutine, http://us-support.external.hp.com/
SCO Document ID TA107704, What is the SLS OSS449F Network Maintenance Supplement?, http://www.sco.com/ta/
CERT Advisory CA-95.13, Syslog Vulnerability - A Workaround for Sendmail, http://www.cert.org/ftp/cert_advisories/CA-95:13.syslog.vul
CIAC Information Bulletin G-09b, Unix sendmail vulnerability, http://ciac.llnl.gov/ciac/bulletins/g-09b.shtml
CERT Advisory CA-96.25, Sendmail Group Permissions Vulnerability, http://www.cert.org/advisories/CA-96.25.sendmail_groups.html
