Jacques Gelinas: Security Vulnerabilities
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
CVSS Score
7.2
EPSS Score
0.002
Published
2003-04-02
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.
CVSS Score
7.5
EPSS Score
0.007
Published
2002-11-12