Lucene search

[email protected]CVE-1999-1309

HistoryAug 30, 1996 - 4:00 a.m.

CVE-1999-1309

1996-08-3004:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sendmail

v8.6.7

local users

root access

debug value

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.

CPENameOperatorVersion
sendmail:sendmailsendmaille8.6.7

CPE	Name	Operator	Version
sendmail:sendmail	sendmail	le	8.6.7

References

www.cert.org/advisories/CA-94.12.sendmail.vulnerabilities

www.dataguard.no/bugtraq/1994_1/0040.html

www.dataguard.no/bugtraq/1994_1/0042.html

www.dataguard.no/bugtraq/1994_1/0043.html

www.dataguard.no/bugtraq/1994_1/0048.html

www.dataguard.no/bugtraq/1994_1/0078.html

exchange.xforce.ibmcloud.com/vulnerabilities/7155

6.8 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.4%

JSON

Related for CVE-1999-1309

nessus1 openvas1