Jacques Gelinas : Security Vulnerabilities, CVEs, CVSS score >= 3
Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-04-02
Updated
2008-09-05
The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote attackers to send Spam email.
Max CVSS
7.5
EPSS Score
1.38%
Published
2002-11-12
Updated
2008-09-10
2 vulnerabilities found