4.6

CVE-2001-0653

Exploit
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SendmailSendmail Version8.11.0
SendmailSendmail Version8.11.1
SendmailSendmail Version8.11.2
SendmailSendmail Version8.11.3
SendmailSendmail Version8.11.4
SendmailSendmail Version8.11.5
SendmailSendmail Version8.12 Updatebeta10
SendmailSendmail Version8.12 Updatebeta12
SendmailSendmail Version8.12 Updatebeta16
SendmailSendmail Version8.12 Updatebeta5
SendmailSendmail Version8.12 Updatebeta7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.18% 0.635
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://rhn.redhat.com/errata/RHSA-2001-106.html
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-017.txt.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000412
http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-032-01
http://marc.info/?l=bugtraq&m=99841063100516&w=2
http://www.calderasystems.com/support/security/advisories/CSSA-2001-032.0.txt
http://www.ciac.org/ciac/bulletins/l-133.shtml
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-075.php3
http://www.novell.com/linux/security/advisories/2001_028_sendmail_txt.html
http://www.securityfocus.com/bid/3163
Patch
Vendor Advisory
Exploit
http://www.sendmail.org/8.11.html
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-007
https://exchange.xforce.ibmcloud.com/vulnerabilities/7016