The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sendmail | Sendmail | 8.9.3 (including) | 8.9.3 (including) |
Sendmail | Sendmail | 8.12.3 (including) | 8.12.3 (including) |
Sendmail | Sendmail | 8.12.9 (including) | 8.12.9 (including) |