SMTP: Debian Sendmail Default SASL

This signature detects SMTP connections that authenticate with a default account. Debian Woody ships with sendmail using a fixed account name and password. When Simple Authentication and Security Layer (SASL) is installed, sendmail initializes the SASL database with the built-in account names.

Extended Description

It is reported that the Sendmail package contained in the Debian GNU/Linux operating system is prone to a default password vulnerability, potentially allowing unauthorized use of the Sendmail MTA. This would likely facilitate UCE (Unsolicited Commercial Email, or SPAM) message relaying through affected installations. Versions of the Debian Sendmail packages prior to 8.12.3-7.1 for Debian stable (woody), and versions prior to 8.13.1-13 for Debian unstable (sid) are reported vulnerable.

Affected Products

Debian Linux

Short Name: SMTP:SENDMAIL:DEBIAN-SASL-AUTH
Severity: Minor
Recommended: False
Recommended Action: None
Category: SMTP
Keywords: CVE-2004-0833 Debian Default SASL Sendmail bid:11262
Release Date: 09/30/2004
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3375
False Positive: Unknown
Vendors

Debian

CVSS Score

7.5
