Skip to main content

Configuration

CVE-2003-1362

Severity High
Score 7.8/10

Summary

Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • COMPLETE
  • NONE

CWE-16 - Configuration

Weaknesses in this category are typically introduced during the configuration of the software.

References

Advisory Timeline

  • Published