Lucene search
HistoryMay 17, 2003 - 4:00 a.m.
CVE-2003-0308
sendmail
debian gnu/linux
8.12.3
temporary files
security vulnerability
nvd
cve-2003-0308
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
Affected configurations
Node
sendmailsendmailMatch8.9.3
ORsendmailsendmailMatch8.12.3
ORsendmailsendmailMatch8.12.9
Node
debiandebian_linuxMatch3.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| sendmail:sendmail | sendmail | eq | 8.9.3 |
| sendmail:sendmail | sendmail | eq | 8.12.3 |
| sendmail:sendmail | sendmail | eq | 8.12.9 |
Related
osv
osv
sendmail - insecure temporary files
2003-05-15 00:00:00
nessus
nessus
Debian DSA-305-1 : sendmail - insecure temporary files
2004-09-29 00:00:00
nvd
nvd
CVE-2003-0308
2003-05-15 04:00:00
CVE-2008-1078
2008-02-29 02:44:00
openvas
openvas
Debian Security Advisory DSA 305-1 (sendmail)
2008-01-17 00:00:00
Debian Security Advisory DSA 305-1 (sendmail)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2003-0308
2003-05-17 04:00:00
CVE-2008-1078
2008-02-29 02:00:00
debiancve
debiancve
CVE-2003-0308
2003-05-17 04:00:00
cve
cve
CVE-2008-1078
2008-02-29 02:44:00
ubuntucve
ubuntucve
CVE-2008-1078
2008-02-29 00:00:00
prion
prion
Code injection
2008-02-29 02:44:00
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2003-0308