Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> SMTP problems >> Sendmail's from piped program

Vulnerability Assessment Details

Sendmail's from piped program
Vulnerability Assessment Summary
Checks if the remote mail server can be used to gain a shell

Detailed Explanation for this Vulnerability Assessment


The remote SMTP server did not complain when issued the
command :
MAIL FROM: |testing

This probably means that it is possible to send mail
that will be bounced to a program, which is
a serious threat, since this permits anyone to execute
arbitrary commands on this host.

*** This security hole might be a false positive, since
*** some MTAs will not complain to this test, but instead
*** just drop the message silently

Solution : upgrade your MTA or change it.

Network Security Threat Level: High

Networks Security ID: 2308

Vulnerability Assessment Copyright: This script is Copyright (C) 1999 Renaud Deraison
Cables, Connectors


Cisco Nexus 48-Port 10G SFP+ Switch N9K-9396PX w/ 9K-M12PQ 12-Port 40G QSFP picture

Cisco Nexus 48-Port 10G SFP+ Switch N9K-9396PX w/ 9K-M12PQ 12-Port 40G QSFP

$249.99


Lot of 10pcs Brocade 57-1000012-01 8Gbps SWL 850nm SFP+ Optical Transceivers picture

Lot of 10pcs Brocade 57-1000012-01 8Gbps SWL 850nm SFP+ Optical Transceivers

$19.00


Cisco 10G SFP+ Module SFP-10G-SR 10-2415-03 (Lot of 5) picture

Cisco 10G SFP+ Module SFP-10G-SR 10-2415-03 (Lot of 5)

$24.99


Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03 picture

Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03

$8.00


NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping* picture

NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*

$18.00


Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC picture

Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC

$13.89


Mellanox Original MFM1T02A-SR 10GbE 10GBASE-SR SFP+ Transceiver picture

Mellanox Original MFM1T02A-SR 10GbE 10GBASE-SR SFP+ Transceiver

$9.00


LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module picture

LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module

$89.00


Cisco Meraki MA-SFP-10GB-SR 10G SFP+ SR 850nm 300m LC MMF picture

Cisco Meraki MA-SFP-10GB-SR 10G SFP+ SR 850nm 300m LC MMF

$29.99


Discussions

No Discussions have been posted on this vulnerability.