CVE-2004-0833

EPSS 0.66%

sendmail - pre-set password

Published: 12/23/2004Modified: 4/28/2026

Description

Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.

Affected packages (2)

Debian/sendmailfrom 0, < 8.13.1-13
Debian/sendmailfrom 0, < 8.12.3-7.1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-0833