CVE-2003-1362 Information

Description

Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases.

Reference

http://archives.neohapsis.com/archives/hp/2003-q1/0033.html http://www.securityfocus.com/bid/6878 https://exchange.xforce.ibmcloud.com/vulnerabilities/11366