Lucene search

K
Eric AllmanSendmail

14 matches found

CVE
CVE
added 2000/10/13 4:0 a.m.235 views

CVE-1999-0145

Sendmail WIZ command enabled, allowing root access.

7.2CVSS9.5AI score0.0054EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.161 views

CVE-1999-0163

In older versions of Sendmail, an attacker could use a pipe character to execute root commands.

7.2CVSS7AI score0.0019EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.156 views

CVE-1999-0095

The debug command in Sendmail is enabled, allowing attackers to execute commands as root.

10CVSS9.6AI score0.10645EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.60 views

CVE-1999-0047

MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.

10CVSS7.3AI score0.02172EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.54 views

CVE-1999-0131

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

7.2CVSS6.8AI score0.00096EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.54 views

CVE-1999-0206

MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.

10CVSS7.4AI score0.00495EPSS
CVE
CVE
added 2000/04/25 4:0 a.m.52 views

CVE-1999-0203

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

10CVSS7AI score0.00483EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.50 views

CVE-1999-0129

Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

4.6CVSS6.6AI score0.00122EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.49 views

CVE-1999-0130

Local users can start Sendmail in daemon mode and gain root privileges.

7.2CVSS7AI score0.00886EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.46 views

CVE-1999-0204

Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.

10CVSS7.3AI score0.06712EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.43 views

CVE-1999-0393

Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.

5CVSS6.6AI score0.04014EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.43 views

CVE-2000-0319

mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.

5CVSS6.6AI score0.00655EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.38 views

CVE-1999-0205

Denial of service in Sendmail 8.6.11 and 8.6.12.

5CVSS7AI score0.00504EPSS
CVE
CVE
added 2000/06/02 4:0 a.m.34 views

CVE-1999-0976

Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.

2.1CVSS6.6AI score0.00075EPSS