Short Name | SMTP:SENDMAIL:DEBIAN-SASL-AUTH |
---|---|
Severity | Medium |
Recommended | No |
Category | SMTP |
Keywords | Debian Sendmail Default SASL |
Release Date | 2004/09/30 |
Update Number | 1213 |
Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects SMTP connections using a default account. Debian Woody ships with sendmail using a fixed account name and password. When the Simple Authentication and Security Layer (SASL) is installed, sendmail initializes the SASL database with the built-in account names.

It is reported that the Sendmail package contained in the Debian GNU/Linux operating system is prone to a default password vulnerability, potentially allowing unauthorized use of the Sendmail MTA. This would likely facilitate relaying of UCE (Unsolicited Commercial Email, or spam) messages through affected installations. Versions of the Debian Sendmail packages prior to 8.12.3-7.1 for Debian stable (woody) and versions prior to 8.13.1-13 for Debian unstable (sid) are reported vulnerable.