SMTP: RCPT TO PIPE
This signature detects attempts to send shell commands through an SMTP e-mail message by exploiting the pipe passthrough vulnerability. Attackers can use the invalid "rcpt to |" as the "rcpt to" e-mail address to cause Sendmail to reroute data to another program. Some STMP servers have been shown to use the "|" character legitimately.
Extended Description
A vulnerability in Eric Allman's Sendmail prior to version 8.6.10 (and any versions based on 5.x) can be exploited to gain root access on the affected machine. This vulnerability involves sending invalid "mail from" and "rcpt to" addresses that cause sendmail to inappropriately redirect data to another program.
Affected Products
Eric_allman sendmail
Short Name
SMTP:EMAIL:RCPT-TO-PIPE
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-1999-0203 PIPE RCPT TO bid:2308
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Occasionally
Vendors
Eric_allman
CVSS Score
10.0