VulnerableCode Package Details - pkg:deb/ubuntu/sendmail@8.14.3-9.2ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/sendmail@8.14.3-9.2ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/sendmail@8.14.3-9.2ubuntu1

Next non-vulnerable version	8.14.4-4.1ubuntu1.1
Latest non-vulnerable version	8.14.4-7
Risk	1.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-6vnz-eme3-aaac Aliases: CVE-2014-3956	The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.	8.14.4-4.1ubuntu1.1 Affected by 0 other vulnerabilities. 8.14.4-7 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-6vnz-eme3-aaac
Aliases:
CVE-2014-3956

The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.

8.14.4-4.1ubuntu1.1
Affected by 0 other vulnerabilities.

8.14.4-7
Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version