漏洞信息详情
Linuxconf恶意模块邮件转发漏洞
- CNNVD编号:CNNVD-200211-028
- 危害等级: 高危
- CVE编号: CVE-2002-1278
- 漏洞类型: 输入验证
- 发布时间: 2002-11-12
- 威胁类型: 远程
- 更新时间: 2005-05-13
- 厂 商: jacques_gelinas
- 漏洞来源: Vulnerability anno...
漏洞简介
Conectiva Linux 6.0至8版本及可能其他发布版本上的Linuxconf 1.24和其他1.28之前版本的mailconf模块配置Sendmail为开放邮件转发形式,生成Sendmail配置文件(sendmail.cf)。远程攻击者可以利用该漏洞发送Spam邮件。
漏洞公告
Conectiva has released a security advisory containing fixes. Fixes are available: Jacques Gelinas Linuxconf 1.2.4 r2
- Conectiva linuxconf-1.24r2-6U60_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/linuxconf-1.24r2-6U60_1c l.src.rpm
- Conectiva linuxconf-mailconf-1.24r2-6U60_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/6.0/RPMS/linuxconf-mailconf-1.24r2 -6U60_1cl.i386.rpm
- Conectiva linuxconf-1.25r3-27U70_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/linuxconf-1.25r3-27U70_2 cl.src.rpm
- Conectiva linuxconf-1.25r3-39U80_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/linuxconf-1.25r3-39U80_1cl .src.rpm
- Conectiva linuxconf-mailconf-1.25r3-27U70_2cl.i386.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/linuxconf-mailconf-1.25r3 -27U70_2cl.i386.rpm
- Conectiva linuxconf-mailconf-1.25r3-39U80_1cl.i386.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/linuxconf-mailconf-1.25r3-3 9U80_1cl.i386.rpm
参考网址
来源: XF 名称: linuxconf-sendmail-mail-relay(10554) 链接:http://www.iss.net/security_center/static/10554.php 来源: BID 名称: 6118 链接:http://www.securityfocus.com/bid/6118 来源: OSVDB 名称: 6066 链接:http://www.osvdb.org/6066 来源: CONECTIVA 名称: CLA-2002:544 链接:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000544
受影响实体
- Jacques_gelinas Linuxconf:1.2.4r2
- Jacques_gelinas Linuxconf:1.2.5r3
- Jacques_gelinas Linuxconf:1.2.4r2
- Jacques_gelinas Linuxconf:1.2.5r3
补丁
暂无
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
评论