Vulnerability Details CVE-2002-1278
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000544
- http://www.iss.net/security_center/static/10554.php
- http://www.osvdb.org/6066
- http://www.securityfocus.com/bid/6118
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000544
- http://www.iss.net/security_center/static/10554.php
- http://www.osvdb.org/6066
- http://www.securityfocus.com/bid/6118
Products affected by CVE-2002-1278
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.4r2
-
cpe:2.3:a:jacques_gelinas:linuxconf:1.2.5r3