SMTP: "wiz" Command
This signature detects attempts to exploit a known vulnerability against the SMTP server support for the WIZ command. An attacker can attempt to determine if the SMTP server under attack supports the WIZ command. Support for this command can provide anonymous root access for the attacker. The command must be enabled for a successful attack.
Extended Description
Sendmail is the standard Mail Transfer Agent for Unix systems. Older versions of Sendmail have the WIZ command enabled. The WIZ command was originally intended to allow administrators to access a remote shell on the host. If the command is enabled then a remote attacker can use it to gain root access on the vulnerable host.
Affected Products
Sendmail_consortium sendmail
Short Name
SMTP:COMMAND:WIZ
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
SMTP
Keywords
"wiz" CA-1993-14 CVE-1999-0145 Command bid:2897
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Sendmail_consortium
CVSS Score
7.2