CVE-1999-0129

1996-12-0305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-1999-0129

sendmail

local users

group permissions.

6.6 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

14.3%

JSON

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

CPENameOperatorVersion
eric_allman:sendmaileric allman sendmaileq8.8.2
eric_allman:sendmaileric allman sendmaileq8.8.1
eric_allman:sendmaileric allman sendmaileq8.8.3
eric_allman:sendmaileric allman sendmaileq8.8
sco:openserversco openservereq5.0
sun:sunossun sunoseq5.3
sun:sunossun sunoseq4.1.4
hp:hp-uxhp hp-uxeq10.01
sun:solarissun solariseq2.4
hp:hp-uxhp hp-uxeq10.00

CPE	Name	Operator	Version
eric_allman:sendmail	eric allman sendmail	eq	8.8.2
eric_allman:sendmail	eric allman sendmail	eq	8.8.1
eric_allman:sendmail	eric allman sendmail	eq	8.8.3
eric_allman:sendmail	eric allman sendmail	eq	8.8
sco:openserver	sco openserver	eq	5.0
sun:sunos	sun sunos	eq	5.3
sun:sunos	sun sunos	eq	4.1.4
hp:hp-ux	hp hp-ux	eq	10.01
sun:solaris	sun solaris	eq	2.4
hp:hp-ux	hp hp-ux	eq	10.00