Sendmail

Sendmail

36 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.1

CVE-2002-1827

Exploit
  • EPSS 0.4%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.

4.6

CVE-2002-1165

Exploit
  • EPSS 2.9%
  • Published 11.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequenc...

7.5

CVE-2002-0906

  • EPSS 2.97%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.

2.1

CVE-2001-0715

Exploit
  • EPSS 0.1%
  • Published 30.10.2001 05:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.

2.1

CVE-2001-0714

  • EPSS 0.06%
  • Published 30.10.2001 05:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR...

4.6

CVE-2001-0713

  • EPSS 0.07%
  • Published 30.10.2001 05:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with ...

4.6

CVE-2001-0653

Exploit
  • EPSS 0.23%
  • Published 20.09.2001 04:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.

3.7

CVE-2001-1349

Exploit
  • EPSS 0.09%
  • Published 28.05.2001 04:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.

7.5

CVE-1999-1592

  • EPSS 0.4%
  • Published 31.12.1999 05:00:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.

5

CVE-1999-1109

  • EPSS 7.75%
  • Published 22.12.1999 05:00:00
  • Last modified 03.04.2025 01:03:51

Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.