The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sendmail | Sendmail | 8.9.3 | 8.9.3 |
Sendmail | Sendmail | 8.12.3 | 8.12.3 |
Sendmail | Sendmail | 8.12.9 | 8.12.9 |