Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 SMTP:EMAIL:HEADER-FROM-PIPE

Severity

 Minor

Recommended

 No

Category

 SMTP

Keywords

 FROM PIPE

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

SMTP: FROM PIPE


This signature detects attempts to send shell commands through a SMTP e-mail message by exploiting the pipe passthrough vulnerability. Attackers can use the invalid "from |" as the return e-mail address to cause Sendmail to reroute data to another program.

Extended Description

A vulnerability in Eric Allman's Sendmail prior to version 8.6.10 (and any versions based on 5.x) can be exploited to gain root access on the affected machine. This vulnerability involves sending invalid "mail from" and "rcpt to" addresses that cause sendmail to inappropriately redirect data to another program.

Affected Products

  • Eric_allman sendmail 5.58.0
  • Eric_allman sendmail 5.59.0

References

  • BugTraq: 2308
  • CVE: CVE-1999-0203

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out