Linuxconf sendmail.cf file allows mail relaying

linuxconf-sendmail-mail-relay (10554) The risk level is classified as LowLow Risk

Description:

Linuxconf could allow a remote attacker to perform mail relaying, caused by a vulnerability in the sendmail.cf file when it is generated by the mailconf module. If a remote attacker sends an email message using "user%domain@" as the format for the recipient address, the attacker could then use the sendmail server as an open mail relay.


Consequences:

Bypass Security

Remedy:

Upgrade to the latest version of Linuxconf (1.29r1 or later), available from the Linuxconf Web page. See References.

For Conectiva Linux:
Upgrade to the latest mailconf package as listed below. Refer to Conectiva Linux Announcement CLSA-2002:544 for more information. See References.

Conectiva Linux 6.0: 1.24r2-6U60_1cl or later
Conectiva Linux 7.0: 1.25r3-27U70_2cl or later
Conectiva Linux 8.0: 1.25r3-39U80_1cl or later

For other distributions:
Contact your vendor for upgrade or patch information.

References:

  • Conectiva Linux Announcement CLSA-2002:544: Open relay in mailconf module.
  • Conectiva Web site: Bug 6597 Sendmail Relay Hole: user%domain@ exploit .
  • Linuxconf Web site: LInuxconf home.
  • BID-6118: Linuxconf mailconf Module Mail Relay Vulnerability
  • CVE-2002-1278: The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.
  • OSVDB ID: 6066: Linuxconf mailconf Improper Sendmail Relay Configuration

Platforms Affected:

  • Solucorp, Jacques Gélinas Linuxconf prior to 1.28

Reported:

Nov 06, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this

Return to the main page