Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMTP:COMMAND:DEBUG

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 SMTP

Keywords

 Debug Command

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Debug Command


This signature detects attempts to exploit a known vulnerability against sendmail debug mode. The debug mode allows an e-mail message recipient to be a program that contains all the privileges of the user ID, which sendmail runs (usually root). Attackers can set the shell as the e-mail recipient and include malicious shell commands in the message body.

Extended Description

Sendmail's debug mode allows the recipient of an email message to be a program that runs with the privileges of the user id which sendmail is running under. This user is normally root. This allows an attacker to set the recipient to the shell and include shell commands in the message body. This vulnerability was used by the Morris Worm.

Affected Products

  • Eric Allman Sendmail 5.58.0

References

  • BugTraq: 1
  • CERT: CA-1988-01
  • CVE: CVE-1999-0095
  • URL: http://www.securityfocus.com/bid/1/exploit

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out