The sm_close_on_exec function in conf.c in sendmail prior to 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
Vulnerable Product |
---|
freebsd freebsd |
hp hpux |
fedoraproject fedora 20 |
sendmail sendmail 8.7.7 |
sendmail sendmail 8.7.8 |
sendmail sendmail 8.10 |
sendmail sendmail 8.10.0 |
sendmail sendmail 8.10.1 |
sendmail sendmail 8.7.9 |
sendmail sendmail 8.8.8 |
sendmail sendmail 8.10.2 |
sendmail sendmail 8.11.0 |
sendmail sendmail 8.11.5 |
sendmail sendmail 8.11.6 |
sendmail sendmail 8.12.3 |
sendmail sendmail 8.12.4 |
sendmail sendmail 8.14.7 |
sendmail sendmail 8.14.6 |
sendmail sendmail 8.14.5 |
sendmail sendmail 8.13.7 |
sendmail sendmail 8.13.6 |
sendmail sendmail 8.11.7 |
sendmail sendmail 8.12.0 |
sendmail sendmail 8.12.5 |
sendmail sendmail 8.12.6 |
sendmail sendmail 8.14.4 |
sendmail sendmail 8.14.3 |
sendmail sendmail 8.13.5 |
sendmail sendmail 8.13.4 |
sendmail sendmail 8.6.7 |
sendmail sendmail 8.9.0 |
sendmail sendmail 8.9.1 |
sendmail sendmail 8.11.1 |
sendmail sendmail 8.11.2 |
sendmail sendmail 8.12.1 |
sendmail sendmail 8.12.10 |
sendmail sendmail 8.12.7 |
sendmail sendmail 8.12.8 |
sendmail sendmail 8.14.2 |
sendmail sendmail 8.14.1 |
sendmail sendmail 8.13.3 |
sendmail sendmail 8.13.2 |
sendmail sendmail 8.7.10 |
sendmail sendmail 8.7.6 |
sendmail sendmail 8.9.2 |
sendmail sendmail 8.9.3 |
sendmail sendmail 8.11.3 |
sendmail sendmail 8.11.4 |
sendmail sendmail 8.12.11 |
sendmail sendmail 8.12.2 |
sendmail sendmail 8.12.9 |
sendmail sendmail |
sendmail sendmail 8.14.0 |
sendmail sendmail 8.13.8 |
sendmail sendmail 8.13.1 |
sendmail sendmail 8.13.0 |