
Sendmail Wizard Backdoor
The wizard backdoor allows an intruder to gain access to a machine through the
sendmail port. This option looks for the wiz backdoor found on older Ultrix
machines. It allows a user to start up a shell without logging in.
Risk: High
Fix: If the wiz command is enabled on sendmail, it should be disabled by adding
this line to the sendmail.cf configuration file (note that it must be upper case):
Advisories: