SMTP: REPLY TO PIPE
This signature detects attempts to send shell commands through an SMTP e-mail message by exploiting the pipe passthrough vulnerability. Attackers can use the invalid "reply to |" as the "reply to" e-mail address to cause Sendmail to reroute data to another program. This can also be legitimate traffic from several types of SMTP servers.
Extended Description
A vulnerability in Eric Allman's Sendmail prior to version 8.6.10 (and any versions based on 5.x) can be exploited to gain root access on the affected machine. This vulnerability involves sending invalid "mail from" and "rcpt to" addresses that cause sendmail to inappropriately redirect data to another program.
Affected Products
Eric_allman sendmail
Short Name
SMTP:EMAIL:REPLY-TO-PIPE
Severity
Minor
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-1999-0203 PIPE REPLY TO bid:2308
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Occasionally
Vendors
Eric_allman
CVSS Score
10.0