National Cyber-Alert System
Vulnerability Summary: ARC-022
Orirignal release date: 2006-05-01
Source: Advanced Research Corporation ®

Overview

    The sendmail DEBUG command enabled. Under certain circumstances, this command could assist the malicious user in compromising the system. The sendmail VRFY and/or EXTN commands may be enabled. These commands can assist the malicious user in guessing valid account names.

Impact

    CVSS Severity: 6.0 (Medium)
    Range: remote
    Authentication:
    Impact Type:

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    Sendmail

Technical Details