SUSE Linux Enterprise Module for Legacy Software 12 update for sendmail



Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID N/A
CWE-ID CWE-254
Exploitation vector Network
Public exploit N/A
Vulnerable software
SUSE Linux Enterprise Module for Legacy Software
Operating systems & Components / Operating system

sendmail-debugsource
Operating systems & Components / Operating system package or component

sendmail-debuginfo
Operating systems & Components / Operating system package or component

sendmail
Operating systems & Components / Operating system package or component

Vendor SUSE

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Security features bypass

EUVDB-ID: #VU67946

Risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: N/A

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a remote attacker to cause sendmail to send mail over an unencrypted SMTP session, i.e. to downgrade outbound delivery from STARTTLS to plaintext.

The vulnerability exists due to an error in SMTP session reuse (sendmail's connection cache). If sendmail tries to reuse an SMTP session that the server has already closed, the connection cache can retain invalid information about that session. As a result, STARTTLS is never used for the replacement session, even if the peer offers it, and the message is delivered in plaintext. Delivery still succeeds, so the downgrade is silent; only sessions in which sendmail acts as the SMTP client are affected.
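The failure mode above, as an added illustrative model (this is not sendmail's source code and does not reproduce its internals): a toy SMTP client keeps a per-connection "STARTTLS already done" flag in its connection cache, a constructed peer that offers STARTTLS closes every connection after one message, and the client reconnects when it notices the closed session. The buggy variant carries the stale flag over to the new connection and therefore skips STARTTLS; the fixed variant discards all cached session state when it reconnects. All class and function names here are assumptions made for the example.

```python
"""Toy model of a connection-cache STARTTLS downgrade (added example, not
sendmail's code). `run(fixed=False)` reproduces the bug, `run(fixed=True)`
shows the corrected behaviour."""

from dataclasses import dataclass


class ServerClosed(Exception):
    """Raised when the client talks to a session the server already closed."""


class FakeSmtpServer:
    """Constructed peer: offers STARTTLS in its EHLO reply and closes each
    connection after `max_transactions` messages, like a relay with a
    per-connection message limit or a short idle timeout."""

    def __init__(self, max_transactions=1):
        self.max_transactions = max_transactions
        self.sessions = []  # one dict per accepted connection, for inspection

    def connect(self):
        session = {"tls": False, "messages": 0, "closed": False}
        self.sessions.append(session)
        return session

    def send(self, session, cmd):
        if session["closed"]:
            raise ServerClosed(cmd)
        if cmd == "EHLO":
            return ["250-STARTTLS", "250 OK"]  # STARTTLS is offered
        if cmd == "STARTTLS":
            session["tls"] = True  # the handshake is assumed to succeed
            return ["220 Ready to start TLS"]
        if cmd == "DATA":
            session["messages"] += 1
            if session["messages"] >= self.max_transactions:
                session["closed"] = True  # peer hangs up after the reply
            return ["250 Accepted"]
        return ["250 OK"]


@dataclass
class CacheEntry:
    """What the client keeps in its connection cache for one peer."""
    session: dict = None
    starttls_done: bool = False  # per-connection flag stored beside the socket


class CachingClient:
    """Sendmail-like client with a one-entry connection cache.
    reset_on_reconnect=False reproduces the downgrade."""

    def __init__(self, server, reset_on_reconnect):
        self.server = server
        self.reset_on_reconnect = reset_on_reconnect
        self.cache = None

    def _connect(self, entry):
        entry.session = self.server.connect()
        reply = self.server.send(entry.session, "EHLO")
        # TLS is only negotiated if the cached flag says it has not been yet.
        if "250-STARTTLS" in reply and not entry.starttls_done:
            self.server.send(entry.session, "STARTTLS")
            entry.starttls_done = True
        return entry

    def deliver(self):
        if self.cache is None:
            self.cache = self._connect(CacheEntry())
        try:
            self.server.send(self.cache.session, "MAIL FROM:<>")
        except ServerClosed:
            if self.reset_on_reconnect:
                entry = CacheEntry()  # fixed: forget all per-session state
            else:
                entry = self.cache  # bug: stale starttls_done survives
            self.cache = self._connect(entry)
            self.server.send(self.cache.session, "MAIL FROM:<>")
        self.server.send(self.cache.session, "RCPT TO:<postmaster>")
        self.server.send(self.cache.session, "DATA")
        return "tls" if self.cache.session["tls"] else "plain"


def run(fixed, messages=3):
    """Deliver `messages` messages through one cached connection and report
    how each one went over the wire ("tls" or "plain")."""
    client = CachingClient(FakeSmtpServer(max_transactions=1), fixed)
    return [client.deliver() for _ in range(messages)]


if __name__ == "__main__":
    print("buggy:", run(fixed=False))  # ['tls', 'plain', 'plain']
    print("fixed:", run(fixed=True))  # ['tls', 'tls', 'tls']
```

The point the model makes is that the first message is encrypted in both variants; the downgrade only appears once the peer has closed the cached session, which is why a one-off STARTTLS test against the relay does not reveal it.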

Mitigation

Install the update from the vendor's website (SUSE-SU-2022:3529-1, see the external links below) and confirm afterwards that the installed sendmail package version is not older than 8.14.9-4.3.1.

Vulnerable software versions

SUSE Linux Enterprise Module for Legacy Software: 12

sendmail-debugsource: before 8.14.9-4.3.1

sendmail-debuginfo: before 8.14.9-4.3.1

sendmail: before 8.14.9-4.3.1
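A version check for the fixed-version boundary above, added here as example code that is not part of the SUSE advisory. It reimplements RPM's segment-wise version comparison (rpmvercmp) so the comparison runs without librpm, and applies it to `VERSION-RELEASE` strings as printed by `rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' sendmail sendmail-debuginfo sendmail-debugsource`. The input below is constructed for illustration; feed real `rpm -q` output to `vulnerable_packages()` on the host being checked. Tilde and caret version segments are not handled, on the assumption that these package versions do not use them.

```python
"""Check installed sendmail packages against the fixed version 8.14.9-4.3.1
(added example, not part of the SUSE advisory)."""

import re

FIXED = "8.14.9-4.3.1"
PACKAGES = ("sendmail", "sendmail-debuginfo", "sendmail-debugsource")

_SEG = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a, b):
    """Compare two version (or release) strings the way rpm does: split into
    runs of digits / letters, compare numeric segments as integers and
    alphabetic ones as strings, a numeric segment beats an alphabetic one,
    and the string with segments left over wins. Returns -1, 0 or 1.
    Assumption: no '~' or '^' segments (not handled here)."""
    if a == b:
        return 0
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        xd, yd = x.isdigit(), y.isdigit()
        if xd != yd:
            return 1 if xd else -1
        if xd:
            x, y = int(x), int(y)
        if x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1


def evr_lt(installed, fixed):
    """True if an installed VERSION-RELEASE sorts before the fixed one."""
    iv, _, ir = installed.partition("-")
    fv, _, fr = fixed.partition("-")
    c = rpmvercmp(iv, fv)
    if c == 0:
        c = rpmvercmp(ir, fr)
    return c < 0


def vulnerable_packages(rpm_output, fixed=FIXED):
    """Parse `rpm -q` output lines and return (name, version) for every
    listed package from the advisory that is installed but still older than
    the fixed version. 'package X is not installed' lines are skipped."""
    found = []
    for line in rpm_output.splitlines():
        line = line.strip()
        if not line or (line.startswith("package ")
                        and line.endswith("is not installed")):
            continue
        name, _, ver = line.partition(" ")
        if name in PACKAGES and evr_lt(ver, fixed):
            found.append((name, ver))
    return found


# Constructed sample of `rpm -q` output: one package unpatched, one patched,
# one not installed at all.
SAMPLE = """\
sendmail 8.14.9-4.2.1
sendmail-debuginfo 8.14.9-4.3.1
package sendmail-debugsource is not installed
"""

if __name__ == "__main__":
    for name, ver in vulnerable_packages(SAMPLE):
        print(f"{name} {ver} is older than {FIXED}: update required")
```

Comparing the release part matters here: the version 8.14.9 is identical on both sides of the boundary, so a check that only looks at the upstream version would report every host as patched.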

CPE2.3

External links

https://www.suse.com/support/update/announcement/2022/suse-su-20223529-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
