7.2

CVE-1999-1580

Exploit
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SendmailSendmail Version5.59
SendmailSendmail Version5.61
SendmailSendmail Version5.65
SunSunos Version4.1.1
SunSunos Version4.1.2
SunSunos Version4.1.3
SunSunos Version4.1.3c
SunSunos Version4.1.3u1
SunSunos Version4.1.4
SunSunos Version4.1.4jl
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.12% 0.617
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-21.html
Exploit
http://www.auscert.org.au/render.html?it=1853&cid=1978
Vendor Advisory
http://www.cert.org/advisories/CA-95.11.sun.sendmail-oR.vul
Patch
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/3278
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/7829