Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail sendmail 8.11.7 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-3956
The sm_close_on_exec function in conf.c in sendmail prior to 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.