Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-3956HistoryJun 04, 2014 - 11:19 a.m.
CVE-2014-3956
2014-06-0411:19:13
Debian Security Bug Tracker
security-tracker.debian.org
11
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.3%
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | sendmail | < 8.14.4-6 | sendmail_8.14.4-6_all.deb |
| Debian | 11 | all | sendmail | < 8.14.4-6 | sendmail_8.14.4-6_all.deb |
| Debian | 999 | all | sendmail | < 8.14.4-6 | sendmail_8.14.4-6_all.deb |
| Debian | 13 | all | sendmail | < 8.14.4-6 | sendmail_8.14.4-6_all.deb |
Related
nessus
nessus
SuSE 11.3 Security Update : sendmail (SAT Patch Number 9345)
2014-07-05 00:00:00
Fedora 20 : sendmail-8.14.8-2.fc20 (2014-7093)
2014-06-13 00:00:00
AIX 7.2 TL 0 : sendmail (IJ02918)
2018-04-10 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in sendmail impacts AIX (CVE-2014-3956)
2021-10-26 19:42:53
securityvulns
securityvulns
sendmail file descriptor leakage
2014-06-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1969
2021-07-02 18:07:53
openvas
openvas
Slackware: Security Advisory (SSA:2014-156-04)
2022-04-21 00:00:00
Huawei EulerOS: Security Advisory for sendmail (EulerOS-SA-2019-2661)
2020-01-23 00:00:00
Fedora Update for sendmail FEDORA-2014-7095
2014-06-23 00:00:00
aix
aix
prion
prion
Code injection
2014-06-04 11:19:00
gentoo
gentoo
sendmail: Information disclosure
2014-12-22 00:00:00
slackware
slackware
[slackware-security] sendmail
2014-06-06 05:27:31
fedora
fedora
[SECURITY] Fedora 20 Update: sendmail-8.14.8-2.fc20
2014-06-13 05:31:53
[SECURITY] Fedora 19 Update: sendmail-8.14.7-2.fc19
2014-06-19 23:00:43
mageia
mageia
Updated sendmail packages fix CVE-2014-3956
2014-06-20 23:41:07
ubuntucve
ubuntucve
CVE-2014-3956
2014-06-04 00:00:00
cvelist
cvelist
CVE-2014-3956
2014-06-04 10:00:00
cve
cve
CVE-2014-3956
2014-06-04 11:19:13
nvd
nvd
CVE-2014-3956
2014-06-04 11:19:13
1.9 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:N/A:N
0.0004 Low
EPSS
Percentile
10.3%
Related for DEBIANCVE:CVE-2014-3956