Lucene search

[email protected]CVE-1999-0145

HistorySep 30, 1993 - 4:00 a.m.

CVE-1999-0145

1993-09-3004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

185

cve-1999-0145

sendmail

wiz command

root access

nvd

9.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

32.0%

JSON

Sendmail WIZ command enabled, allowing root access.

CPENameOperatorVersion
eric_allman:sendmaileric allman sendmaileq*

CPE	Name	Operator	Version
eric_allman:sendmail	eric allman sendmail	eq	*

References

seclists.org/fulldisclosure/2019/Jun/16

www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html

www.cert.org/advisories/CA-1990-11.html

www.cert.org/advisories/CA-1993-14.html

www.openwall.com/lists/oss-security/2019/06/05/4

www.openwall.com/lists/oss-security/2019/06/06/1

www2.dataguard.no/bugtraq/1995_1/0332.html

9.5 High

AI Score

Confidence

High

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

32.0%

JSON

Related for CVE-1999-0145

openvas1 cbl_mariner1 nessus1 exploitpack1 zdt1 exploitdb1