Vulnerability Description
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jacques Gelinas | Linuxconf | 1.2.4r2 |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000544
- http://www.iss.net/security_center/static/10554.phpVendor Advisory
- http://www.osvdb.org/6066
- http://www.securityfocus.com/bid/6118
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000544
- http://www.iss.net/security_center/static/10554.phpVendor Advisory
- http://www.osvdb.org/6066
- http://www.securityfocus.com/bid/6118
FAQ
What is CVE-2002-1278?
CVE-2002-1278 is a vulnerability with a CVSS score of 7.5 (HIGH). The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a ...
How severe is CVE-2002-1278?
CVE-2002-1278 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1278?
Check the references section above for vendor advisories and patch information. Affected products include: Jacques Gelinas Linuxconf.