CVE-2004-0833

Publication date 23 December 2004

Last updated 24 July 2024

Ubuntu priority

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
sendmail	7.10 gutsy	Not affected
	7.04 feisty	Not affected
	6.10 edgy	Fixed 8.13.8-2
	6.06 LTS dapper	Fixed 8.13.5-3ubuntu1.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-0833