CVE-2003-0308
sendmail - insecure temporary files
EPSS 0.06%
Description
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
How to fix CVE-2003-0308
To remediate CVE-2003-0308, upgrade the affected package to a fixed version below.
- Debian/sendmail—upgrade to 8.12.9-2 or later
- Debian/sendmail—upgrade to 8.12.3-6.4 or later
Is CVE-2003-0308 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 8.12.9-2
- from 0, < 8.12.3-6.4