Vulnerability Description
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | 3.0 |
References
- http://secunia.com/advisories/12667
- http://www.debian.org/security/2004/dsa-554PatchVendor Advisory
- http://www.securityfocus.com/bid/11262PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17531
- http://secunia.com/advisories/12667
- http://www.debian.org/security/2004/dsa-554PatchVendor Advisory
- http://www.securityfocus.com/bid/11262PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17531
FAQ
What is CVE-2004-0833?
CVE-2004-0833 is a vulnerability with a CVSS score of 7.5 (HIGH). Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as...
How severe is CVE-2004-0833?
CVE-2004-0833 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0833?
Check the references section above for vendor advisories and patch information. Affected products include: Debian Debian Linux.