Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Eric AllmanSendmail

14 matches found

CVE
CVEadded 2000/10/13 4:0 a.m.253 views

CVE-1999-0145

CVE-1999-0145 is a historical vulnerability in Sendmail where the WIZ command can be executed to gain root access. The linked sources consistently describe a Sendmail WIZ/WIZard capability that permits arbitrary command execution with root privileges, effectively allowing local compromise of the ...

7.2CVSS9.5AI score0.00982EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.188 views

CVE-1999-0095

CVE-1999-0095 involves the Sendmail MTA where the DEBUG command is enabled, enabling remote users to execute arbitrary commands as root. Public sources (NVD/Nessus/OpenVAS/Red Hat/CIRCL) confirm that the issue allows full root access via the DEBUG/WIZ mechanism, with assessments placing the impac...

10CVSS9.6AI score0.16446EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.175 views

CVE-1999-0163

CVE-1999-0163 affects older Sendmail versions. An attacker could use a pipe character to execute root commands, enabling local privilege escalation. Affected data shows multiple advisories citing Sendmail with this pipe-based command execution, including references to specific package versions (e...

7.2CVSS7AI score0.00441EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.76 views

CVE-1999-0047

Sendmail MIME conversion overflow CVE-1999-0047 affects versions 8.8.3 and 8.8.4. The vulnerability, described as a MIME conversion overflow, can allow an attacker to execute arbitrary commands as root on a remote host. Remediation: upgrade to Sendmail 8.8.5 or later. This entry is supported by m...

10CVSS7.3AI score0.03112EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.71 views

CVE-1999-0131

CVE-1999-0131 affects Sendmail up to version 8.7.5 and earlier, where a vulnerability in the GECOS field processing can cause a buffer overflow and denial of service that may grant root access to local users. Publicly documented by Red Hat and OpenVAS entries, as well as CVE records, the vulnerab...

7.2CVSS6.8AI score0.00576EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.68 views

CVE-1999-0130

CVE-1999-0130 affects Sendmail 8.7.x and 8.8.x, where a local user can start the SMTP daemon in daemon mode and obtain root privileges. Multiple connected sources corroborate: OpenVAS notes local overflow in Sendmail 8.7.x/8.8.x with daemon-mode enablement; Nessus entries describe local privilege...

7.2CVSS7AI score0.01055EPSS
CVE
CVEadded 2000/04/25 4:0 a.m.68 views

CVE-1999-0203

CVE-1999-0203 affects Sendmail. The vulnerability arises when an SMTP session uses an improper MAIL FROM and an invalid RCPT TO that cause a bounce to a program, enabling an attacker to gain root privileges on the host. Several connected entries corroborate the issue and describe the impact as re...

10CVSS7AI score0.02084EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.67 views

CVE-1999-0206

CVE-1999-0206 describes a MIME buffer overflow in Sendmail versions 8.8.0 and 8.8.1 that can give root access. Connected documents corroborate: Red Hat and Nessus sources note a MIME processing overflow affecting those versions with root access consequences, and a remediation suggested is to upgr...

10CVSS7.4AI score0.01948EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.61 views

CVE-1999-0129

CVE-1999-0129 affects Sendmail and enables local privilege escalation: authenticated or local users can write to a file and gain group permissions via a ".forward" or ":include:" file. Confirmed in multiple connected documents: OpenVAS notes Sendmail 8.8.x up to 8.8.3 vulnerable to group write/fi...

4.6CVSS6.6AI score0.00563EPSS
CVE
CVEadded 1999/09/29 4:0 a.m.61 views

CVE-1999-0204

CVE-1999-0204 affects Sendmail 8.6.9. Multiple connected sources (Red Hat, PT Security, Nessus plugins) describe an ident overflow vulnerability that allows remote attackers to execute commands as root. Root-privilege impact is stated; remediation advised is upgrading to a newer Sendmail version ...

10CVSS7.3AI score0.08674EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.57 views

CVE-1999-0393

The CVE-1999-0393 entry concerns Sendmail 8.8.x and 8.9.2. It states that remote attackers can cause a denial of service by sending messages with a large number of headers, indicating a DoS during header parsing (parsing redirection/headers). The impact is described as a denial of service; exploi...

5CVSS6.6AI score0.02427EPSS
CVE
CVEadded 2000/10/13 4:0 a.m.50 views

CVE-2000-0319

CVE-2000-0319 concerns Sendmail prior to 8.10.0, specifically the mail.local component. The vulnerability arises from improper handling of the end-of-message sequence, the dot on a line (".\n"), causing remote denial of service or mailbox corruption for message lines up to 2047 characters. Affect...

5CVSS6.6AI score0.01835EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.49 views

CVE-1999-0205

CVE-1999-0205 affects Sendmail 8.6.11 and 8.6.12 and causes a Denial of Service. The connected documents confirm the affected software/versions and describe a DoS condition but do not provide a detailed root cause in the available text. Remediation guidance present in PT-1999-1013: update to a ve...

5CVSS7AI score0.01348EPSS
CVE
CVEadded 2000/06/02 4:0 a.m.45 views

CVE-1999-0976

CVE-1999-0976 concerns Sendmail. The affected component is the local-mail transfer agent; the vulnerability allows local users to reinitialize the aliases database via the newaliases command, which can lead to a denial of service by interrupting Sendmail. The provided data notes a low-severity im...

2.1CVSS6.6AI score0.00294EPSS