| Revision Date: | 2016-12-23 | Version: | 11 | | Title: | HPE HP-UX running CIFS Server (Samba), Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access | | Description: | The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2014-3956
| | Platform(s): | HP-UX 11
| Product(s): | | | Definition Synopsis | | HP-UX B.11.31 AND filesets test
Sendmail.SENDMAIL-RUN version is less than C.8.15.2.1
|
|