CVE-2003-1362

Published: Dec 31, 2003Modified: Apr 16, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.

Affected (1)

Products: Hp: Bastille

1 product

Bastille

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Hp Bastille	Version b.02.00.05

Running on/with	Platform Versions
Hp Hp Ux	Version 11.00
Hp Hp Ux	Version 11.11

Related CWEs

CWE-16

References (6)

http://archives.neohapsis.com/archives/hp/2003-q1/0033.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/6878

Source: cve@mitre.org

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/11366

Source: cve@mitre.org

http://archives.neohapsis.com/archives/hp/2003-q1/0033.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/6878

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/11366

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.