The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Fedoraproject
  • Fedora
Freebsd
  • Freebsd
Hp
  • Hpux
Sendmail
  • Sendmail

Configuration 1 [-]

cpe:2.3:o:freebsd:freebsd:*:-:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:hp:hpux:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.6.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.7.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.7.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.7.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.7.9:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.7.10:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.11:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.14.7:*:*:*:*:*:*:*

No data.

References
Link Providers
ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES cve-icon cve-icon
http://advisories.mageia.org/MGASA-2014-0270.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html cve-icon cve-icon
http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html cve-icon cve-icon
http://secunia.com/advisories/57455 cve-icon cve-icon
http://secunia.com/advisories/58628 cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201412-32.xml cve-icon cve-icon
http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2014:147 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2015:128 cve-icon cve-icon
http://www.securityfocus.com/bid/67791 cve-icon cve-icon
http://www.securitytracker.com/id/1030331 cve-icon cve-icon
http://www.sendmail.com/sm/open_source/download/8.14.9/ cve-icon cve-icon
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2014&m=slackware-security.728644 cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2014-3956 cve-icon
https://www.cve.org/CVERecord?id=CVE-2014-3956 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-06-04T10:00:00

Updated: 2024-08-06T10:57:18.265Z

Reserved: 2014-06-03T00:00:00

Link: CVE-2014-3956

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-06-04T11:19:13.890

Modified: 2017-12-29T02:29:22.723

Link: CVE-2014-3956

cve-icon Redhat

Severity : Low

Publid Date: 2014-05-21T00:00:00Z

Links: CVE-2014-3956 - Bugzilla