Sendmail
Sign in to watchby Eric Allman
CVEs (14)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-1999-0095 | 0.05 | — | 0.22 | Oct 1, 1988 | The debug command in Sendmail is enabled, allowing attackers to execute commands as root. | ||
| CVE-1999-0393 | 0.03 | — | 0.06 | Jan 1, 1999 | Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers. | ||
| CVE-1999-0204 | 0.03 | — | 0.03 | Jan 1, 1997 | Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. | ||
| CVE-1999-0130 | 0.03 | — | 0.01 | Nov 16, 1996 | Local users can start Sendmail in daemon mode and gain root privileges. | ||
| CVE-2000-0319 | 0.00 | — | 0.01 | Apr 23, 2000 | mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n. | ||
| CVE-1999-0976 | 0.00 | — | 0.00 | Dec 7, 1999 | Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail. | ||
| CVE-1999-0205 | 0.00 | — | 0.01 | Jan 1, 1999 | Denial of service in Sendmail 8.6.11 and 8.6.12. | ||
| CVE-1999-0047 | 0.00 | — | 0.02 | Jan 28, 1997 | MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. | ||
| CVE-1999-0163 | 0.00 | — | 0.00 | Jan 1, 1997 | In older versions of Sendmail, an attacker could use a pipe character to execute root commands. | ||
| CVE-1999-0129 | 0.00 | — | 0.00 | Dec 3, 1996 | Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file. | ||
| CVE-1999-0206 | 0.00 | — | 0.01 | Oct 1, 1996 | MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. | ||
| CVE-1999-0131 | 0.00 | — | 0.00 | Sep 11, 1996 | Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users. | ||
| CVE-1999-0203 | 0.00 | — | 0.00 | Aug 17, 1995 | In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. | ||
| CVE-1999-0145 | 0.00 | — | 0.01 | Sep 30, 1993 | Sendmail WIZ command enabled, allowing root access. |