Sendmail
CVEs (52)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-0098 | 0.00 | — | 0.03 | Apr 1, 1998 | Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities. | |||
| CVE-1999-0047 | 0.00 | — | 0.03 | Jan 28, 1997 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | |||
| CVE-1999-0163 | 0.00 | — | 0.00 | Jan 1, 1997 | In older versions of Sendmail, an attacker could use a pipe character to execute root commands. | |||
| CVE-1999-0096 | 0.00 | — | 0.01 | Dec 10, 1996 | Sendmail decode alias can be used to overwrite sensitive files. | |||
| CVE-1999-0129 | 0.00 | — | 0.01 | Dec 3, 1996 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | |||
| CVE-1999-0206 | 0.00 | — | 0.02 | Oct 1, 1996 | MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. | |||
| CVE-1999-0131 | 0.00 | — | 0.01 | Sep 11, 1996 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | |||
| CVE-1999-1309 | 0.00 | — | 0.00 | Aug 30, 1996 | Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option. | |||
| CVE-1999-1580 | 0.00 | — | 0.01 | Aug 23, 1995 | SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | |||
| CVE-1999-0203 | 0.00 | — | 0.02 | Aug 17, 1995 | In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. | |||
| CVE-1999-0145 | 0.00 | — | 0.01 | Sep 30, 1993 | Sendmail WIZ command enabled, allowing root access. | |||
| CVE-1999-0095 | 0.00 | — | 0.16 | Oct 1, 1988 | The debug command in Sendmail is enabled, allowing attackers to execute commands as root. |
- CVE-1999-0098Apr 1, 1998risk 0.00cvss —epss 0.03
Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.
- CVE-1999-0047Jan 28, 1997risk 0.00cvss —epss 0.03
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
- CVE-1999-0163Jan 1, 1997risk 0.00cvss —epss 0.00
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
- CVE-1999-0096Dec 10, 1996risk 0.00cvss —epss 0.01
Sendmail decode alias can be used to overwrite sensitive files.
- CVE-1999-0129Dec 3, 1996risk 0.00cvss —epss 0.01
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
- CVE-1999-0206Oct 1, 1996risk 0.00cvss —epss 0.02
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
- CVE-1999-0131Sep 11, 1996risk 0.00cvss —epss 0.01
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
- CVE-1999-1309Aug 30, 1996risk 0.00cvss —epss 0.00
Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
- CVE-1999-1580Aug 23, 1995risk 0.00cvss —epss 0.01
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
- CVE-1999-0203Aug 17, 1995risk 0.00cvss —epss 0.02
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
- CVE-1999-0145Sep 30, 1993risk 0.00cvss —epss 0.01
Sendmail WIZ command enabled, allowing root access.
- CVE-1999-0095Oct 1, 1988risk 0.00cvss —epss 0.16
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
Page 3 of 3