Vulnerabilities > CVE-2003-1362 - Configuration vulnerability in HP Bastille B.02.00.05

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

CWE-16

NVD

Published: 2003-12-31

Updated: 2017-07-29

Summary

Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.

Vulnerable Configurations

Part	Description	Count
OS	Hp HP HP UX 11.11 HP HP UX 11.00	2
Application	Hp HP Bastille B.02.00.05	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://archives.neohapsis.com/archives/hp/2003-q1/0033.html
http://www.securityfocus.com/bid/6878
https://exchange.xforce.ibmcloud.com/vulnerabilities/11366