VYPR

Sendmail

by Sendmail, Inc.

CVEs (52)

  • CVE-1999-0098Apr 1, 1998
    risk 0.00cvss epss 0.03

    Buffer overflow in SMTP HELO command in Sendmail allows a remote attacker to hide activities.

  • CVE-1999-0047Jan 28, 1997
    risk 0.00cvss epss 0.03

    MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.

  • CVE-1999-0163Jan 1, 1997
    risk 0.00cvss epss 0.00

    In older versions of Sendmail, an attacker could use a pipe character to execute root commands.

  • CVE-1999-0096Dec 10, 1996
    risk 0.00cvss epss 0.01

    Sendmail decode alias can be used to overwrite sensitive files.

  • CVE-1999-0129Dec 3, 1996
    risk 0.00cvss epss 0.01

    Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

  • CVE-1999-0206Oct 1, 1996
    risk 0.00cvss epss 0.02

    MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.

  • CVE-1999-0131Sep 11, 1996
    risk 0.00cvss epss 0.01

    Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

  • CVE-1999-1309Aug 30, 1996
    risk 0.00cvss epss 0.00

    Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.

  • CVE-1999-1580Aug 23, 1995
    risk 0.00cvss epss 0.01

    SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.

  • CVE-1999-0203Aug 17, 1995
    risk 0.00cvss epss 0.02

    In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

  • CVE-1999-0145Sep 30, 1993
    risk 0.00cvss epss 0.01

    Sendmail WIZ command enabled, allowing root access.

  • CVE-1999-0095Oct 1, 1988
    risk 0.00cvss epss 0.16

    The debug command in Sendmail is enabled, allowing attackers to execute commands as root.

Page 3 of 3