Computer Security
[EN] no-pyccku

sendmail file descriptor leakage
SecurityVulns ID:13809
Threat Level:
Description:File descriptors are not closed on external applications call.
Affected:SENDMAIL : Sendmail 8.14
CVE:CVE-2014-3956 (The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-14:11.sendmail (04.06.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod