All the vulnerabilites related to eric_allman - sendmail
cve-1999-0204
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sendmail 8.6.9 allows remote attackers to execute root commands, using ident."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:55:54",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail 8.6.9 allows remote attackers to execute root commands, using ident."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0204",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0130
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Local users can start Sendmail in daemon mode and gain root privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/716 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.542Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "716",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/716"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Local users can start Sendmail in daemon mode and gain root privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "716",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/716"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0130",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Local users can start Sendmail in daemon mode and gain root privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/716"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0130",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0047
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/685 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "685",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/685"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "685",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/685"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0047",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "685",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/685"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0047",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0206
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:56:37",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0206",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0206",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0129
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cert.org/advisories/CA-1996-25.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-1996-25.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T05:31:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cert.org/advisories/CA-1996-25.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cert.org/advisories/CA-1996-25.html",
"refsource": "MISC",
"url": "http://www.cert.org/advisories/CA-1996-25.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0129",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0131
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/717 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "717",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/717"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "717",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/717"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0131",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "717",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/717"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0131",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0095
Vulnerability from cvelistv5
Published
1999-09-29 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/195 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/1 | vdb-entry, x_refsource_BID | |
| http://www.openwall.com/lists/oss-security/2019/06/05/4 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/06/06/1 | mailing-list, x_refsource_MLIST | |
| http://seclists.org/fulldisclosure/2019/Jun/16 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "195",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/195"
},
{
"name": "1",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1"
},
{
"name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The debug command in Sendmail is enabled, allowing attackers to execute commands as root."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-11T19:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "195",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/195"
},
{
"name": "1",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1"
},
{
"name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The debug command in Sendmail is enabled, allowing attackers to execute commands as root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "195",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/195"
},
{
"name": "1",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1"
},
{
"name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0095",
"datePublished": "1999-09-29T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0145
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Sendmail WIZ command enabled, allowing root access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cert.org/advisories/CA-1990-11.html | third-party-advisory, x_refsource_CERT | |
| http://www2.dataguard.no/bugtraq/1995_1/0332.html | mailing-list, x_refsource_BUGTRAQ | |
| http://www.cert.org/advisories/CA-1993-14.html | third-party-advisory, x_refsource_CERT | |
| http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html | technical-description, x_refsource_FARMERVENEMA | |
| http://www.openwall.com/lists/oss-security/2019/06/05/4 | mailing-list, x_refsource_MLIST | |
| http://www.openwall.com/lists/oss-security/2019/06/06/1 | mailing-list, x_refsource_MLIST | |
| http://seclists.org/fulldisclosure/2019/Jun/16 | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CA-1990-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-1990-11.html"
},
{
"name": "19950206 sendmail wizard thing...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www2.dataguard.no/bugtraq/1995_1/0332.html"
},
{
"name": "CA-1993-14",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-1993-14.html"
},
{
"name": "Improving the Security of Your Site by Breaking Into it",
"tags": [
"technical-description",
"x_refsource_FARMERVENEMA",
"x_transferred"
],
"url": "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html"
},
{
"name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sendmail WIZ command enabled, allowing root access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-11T19:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CA-1990-11",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-1990-11.html"
},
{
"name": "19950206 sendmail wizard thing...",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www2.dataguard.no/bugtraq/1995_1/0332.html"
},
{
"name": "CA-1993-14",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-1993-14.html"
},
{
"name": "Improving the Security of Your Site by Breaking Into it",
"tags": [
"technical-description",
"x_refsource_FARMERVENEMA"
],
"url": "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html"
},
{
"name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail WIZ command enabled, allowing root access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CA-1990-11",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1990-11.html"
},
{
"name": "19950206 sendmail wizard thing...",
"refsource": "BUGTRAQ",
"url": "http://www2.dataguard.no/bugtraq/1995_1/0332.html"
},
{
"name": "CA-1993-14",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-1993-14.html"
},
{
"name": "Improving the Security of Your Site by Breaking Into it",
"refsource": "FARMERVENEMA",
"url": "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html"
},
{
"name": "[oss-security] 20190605 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"name": "[oss-security] 20190606 Re: CVE-2019-10149: Exim 4.87 to 4.91: possible remote exploit",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"name": "20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149)",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0145",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0163
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cve.org/CVERecord?id=CVE-1999-0163 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.738Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0163"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In older versions of Sendmail, an attacker could use a pipe character to execute root commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T08:24:05",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0163"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0163",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In older versions of Sendmail, an attacker could use a pipe character to execute root commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cve.org/CVERecord?id=CVE-1999-0163",
"refsource": "MISC",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0163"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0163",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.738Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0205
Vulnerability from cvelistv5
Published
2000-02-04 05:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
Denial of service in Sendmail 8.6.11 and 8.6.12.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Denial of service in Sendmail 8.6.11 and 8.6.12."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:56:19",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0205",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Denial of service in Sendmail 8.6.11 and 8.6.12."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0205",
"datePublished": "2000-02-04T05:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0393
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-01 16:34
Severity ?
EPSS score ?
Summary
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=91694391227372&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:34:51.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19990121 Sendmail 8.8.x/8.9.x bugware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91694391227372\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19990121 Sendmail 8.8.x/8.9.x bugware",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=91694391227372\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0393",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19990121 Sendmail 8.8.x/8.9.x bugware",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=91694391227372\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0393",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:34:51.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0976
Vulnerability from cvelistv5
Published
2000-06-02 04:00
Modified
2024-08-01 16:55
Severity ?
EPSS score ?
Summary
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/857 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:55:29.340Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/857"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "1999-12-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/857"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0976",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/857"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0976",
"datePublished": "2000-06-02T04:00:00",
"dateReserved": "1999-12-14T00:00:00",
"dateUpdated": "2024-08-01T16:55:29.340Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-1999-0203
Vulnerability from cvelistv5
Published
2000-04-25 04:00
Modified
2024-08-01 16:27
Severity ?
EPSS score ?
Summary
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T16:27:57.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Sendmail, attackers can gain root privileges via SMTP by specifying an improper \"mail from\" address and an invalid \"rcpt to\" address that would cause the mail to bounce to a program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-17T06:55:38",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-0203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Sendmail, attackers can gain root privileges via SMTP by specifying an improper \"mail from\" address and an invalid \"rcpt to\" address that would cause the mail to bounce to a program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-0203",
"datePublished": "2000-04-25T04:00:00",
"dateReserved": "1999-06-07T00:00:00",
"dateUpdated": "2024-08-01T16:27:57.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2000-0319
Vulnerability from cvelistv5
Published
2000-10-13 04:00
Modified
2024-08-08 05:14
Severity ?
EPSS score ?
Summary
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/1146 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/templates/archive.pike?list=1&msg=2694.000424%40SECURITY.NNOV.RU | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:21.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1146",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1146"
},
{
"name": "20000424 unsafe fgets() in sendmail\u0027s mail.local",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=2694.000424%40SECURITY.NNOV.RU"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mail.local in Sendmail 8.10.x does not properly identify the .\\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\\n."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1146",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1146"
},
{
"name": "20000424 unsafe fgets() in sendmail\u0027s mail.local",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=2694.000424%40SECURITY.NNOV.RU"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mail.local in Sendmail 8.10.x does not properly identify the .\\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\\n."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1146",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1146"
},
{
"name": "20000424 unsafe fgets() in sendmail\u0027s mail.local",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=2694.000424@SECURITY.NNOV.RU"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0319",
"datePublished": "2000-10-13T04:00:00",
"dateReserved": "2000-05-11T00:00:00",
"dateUpdated": "2024-08-08T05:14:21.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
1997-01-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "887964FC-405F-40DB-B848-806748BA6FE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In older versions of Sendmail, an attacker could use a pipe character to execute root commands."
}
],
"id": "CVE-1999-0163",
"lastModified": "2024-11-20T23:28:01.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-01-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.cve.org/CVERecord?id=CVE-1999-0163"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-01-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.8 | |
| eric_allman | sendmail | 8.9.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C973CF06-BEE8-4D79-8649-1510E9EFC29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62604D5F-5C2D-4FA3-903C-E52F129318E1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers."
}
],
"id": "CVE-1999-0393",
"lastModified": "2024-11-20T23:28:38.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-01-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=91694391227372\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=91694391227372\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-09-11 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.6 | |
| eric_allman | sendmail | 8.7.1 | |
| eric_allman | sendmail | 8.7.2 | |
| eric_allman | sendmail | 8.7.3 | |
| eric_allman | sendmail | 8.7.4 | |
| eric_allman | sendmail | 8.7.5 | |
| bsdi | bsd_os | 2.1 | |
| digital | osf_1 | 1.3.2 | |
| freebsd | freebsd | 2.1.5 | |
| hp | hp-ux | 10.01 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.20 | |
| ibm | aix | 3.2 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.2 | |
| redhat | linux | 3.0.3 | |
| sco | internet_faststart | 1.0 | |
| sco | openserver | 5.0 | |
| sco | openserver | 5.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9413566A-425B-4684-A332-A9DD3309FB51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D488B8-49D0-4AFD-A5C1-63CB036E3886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E2EE58-BCAD-4F26-94B6-F91CF1731429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10AC2FAD-C4AD-46DD-88D1-4F99433B3476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B730F70-5662-4BE4-8202-93E12620CBD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6D5E9F-275F-41EB-9707-6B7F129A700F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:digital:osf_1:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44C3AF89-3854-4F37-807E-74FC0640693B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "445EECD3-2DB9-43D1-B26F-0979A3C02D45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:internet_faststart:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61FEF2E3-1939-42B3-B32F-A22C173A186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0169CBF5-9301-42D2-A6DA-73393BD986D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users."
}
],
"id": "CVE-1999-0131",
"lastModified": "2024-11-20T23:27:56.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-09-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/717"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-11-16 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Local users can start Sendmail in daemon mode and gain root privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| caldera | network_desktop | 1.0 | |
| eric_allman | sendmail | 8.7 | |
| eric_allman | sendmail | 8.8 | |
| eric_allman | sendmail | 8.8.1 | |
| eric_allman | sendmail | 8.8.2 | |
| bsdi | bsd_os | 2.1 | |
| freebsd | freebsd | 2.1.5 | |
| freebsd | freebsd | 2.1.6 | |
| hp | hp-ux | 10.00 | |
| hp | hp-ux | 10.01 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.20 | |
| ibm | aix | 4.2 | |
| redhat | linux | 4.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:caldera:network_desktop:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CA6D9E-90A8-4A56-A6E9-24618F3FC4F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "31E3751E-859F-47E5-8048-FCBA450DD4B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C973CF06-BEE8-4D79-8649-1510E9EFC29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56D2BAF2-F430-41A1-8DEE-1D9CB2A56C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E36E877-6028-49DE-8B2E-3087A141F8EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:linux:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9092D88-585D-4A0C-B181-E8D93563C74B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Local users can start Sendmail in daemon mode and gain root privileges."
}
],
"id": "CVE-1999-0130",
"lastModified": "2024-11-20T23:27:56.027",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-11-16T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/716"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/716"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-01-28 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.8.3 | |
| eric_allman | sendmail | 8.8.4 | |
| bsdi | bsd_os | 2.1 | |
| caldera | openlinux | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8484F8-8712-4B55-A163-BA492B4D0095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D15777E6-6951-4559-B19F-08CE6246BF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:caldera:openlinux:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC52A20-B706-432D-9A15-45F48EB1B08B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4."
}
],
"id": "CVE-1999-0047",
"lastModified": "2024-11-20T23:27:42.613",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-01-28T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/685"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-10-01 04:00
Modified
2024-11-20 23:28
Severity ?
Summary
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.8 | |
| eric_allman | sendmail | 8.8.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C973CF06-BEE8-4D79-8649-1510E9EFC29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56D2BAF2-F430-41A1-8DEE-1D9CB2A56C32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access."
}
],
"id": "CVE-1999-0206",
"lastModified": "2024-11-20T23:28:07.833",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-10-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0206"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1993-09-30 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
Sendmail WIZ command enabled, allowing root access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "887964FC-405F-40DB-B848-806748BA6FE8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sendmail WIZ command enabled, allowing root access."
},
{
"lang": "es",
"value": "Sendmail WIZ comando habilitado, permite el acceso de root"
}
],
"id": "CVE-1999-0145",
"lastModified": "2024-11-20T23:27:58.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1993-09-30T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
},
{
"source": "cve@mitre.org",
"url": "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-1990-11.html"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-1993-14.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"source": "cve@mitre.org",
"url": "http://www2.dataguard.no/bugtraq/1995_1/0332.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-1990-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-1993-14.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www2.dataguard.no/bugtraq/1995_1/0332.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-01-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Denial of service in Sendmail 8.6.11 and 8.6.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.6.11 | |
| eric_allman | sendmail | 8.6.12 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.6.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7D2130-328B-4D1D-A4D5-F4F9610660FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.6.12:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC370E2-6F73-4B80-BBDD-C338E155F502",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Denial of service in Sendmail 8.6.11 and 8.6.12."
}
],
"id": "CVE-1999-0205",
"lastModified": "2024-11-20T23:28:07.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-01-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0205"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1988-10-01 04:00
Modified
2024-11-20 23:27
Severity ?
Summary
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 5.58 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1D07F493-9C8D-44A4-8652-F28B46CBA27C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The debug command in Sendmail is enabled, allowing attackers to execute commands as root."
},
{
"lang": "es",
"value": "El comando de depuraci\u00f3n de Sendmail est\u00e1 activado, permitiendo a atacantes ejecutar comandos como root."
}
],
"id": "CVE-1999-0095",
"lastModified": "2024-11-20T23:27:50.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1988-10-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/195"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2019/Jun/16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/05/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/06/06/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1996-12-03 05:00
Modified
2024-11-20 23:27
Severity ?
Summary
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.8 | |
| eric_allman | sendmail | 8.8.1 | |
| eric_allman | sendmail | 8.8.2 | |
| eric_allman | sendmail | 8.8.3 | |
| bsdi | bsd_os | 2.1 | |
| freebsd | freebsd | 2.1.5 | |
| freebsd | freebsd | 2.1.6 | |
| freebsd | freebsd | 2.1.6.1 | |
| hp | hp-ux | 10.00 | |
| hp | hp-ux | 10.01 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.16 | |
| hp | hp-ux | 10.20 | |
| ibm | aix | 3.2 | |
| ibm | aix | 4.1 | |
| ibm | aix | 4.2 | |
| sco | internet_faststart | 1.0 | |
| sco | internet_faststart | 1.1 | |
| sco | openserver | 5.0 | |
| sco | openserver | 5.0.2 | |
| sun | solaris | 2.4 | |
| sun | solaris | 2.5 | |
| sun | solaris | 2.5.1 | |
| sun | sunos | 4.1.3u1 | |
| sun | sunos | 4.1.4 | |
| sun | sunos | 5.3 | |
| sun | sunos | 5.4 | |
| sun | sunos | 5.5 | |
| sun | sunos | 5.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C973CF06-BEE8-4D79-8649-1510E9EFC29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56D2BAF2-F430-41A1-8DEE-1D9CB2A56C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E36E877-6028-49DE-8B2E-3087A141F8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8484F8-8712-4B55-A163-BA492B4D0095",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:bsdi:bsd_os:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "766851E2-134A-4A89-931B-6F1753525684",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4054D69F-596F-4EB4-BE9A-E2478343F55A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CA26ABBE-9973-45FA-9E9B-82170B751219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:2.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7891202C-62AF-4590-9E5F-3514FDA2B38E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "38E41C26-A086-4C9C-83D8-CB910F4B67F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD5E0678-45C7-492A-963C-897494D6878F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF25306-E7C2-4F9A-A809-4779A6C0A079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05F20EC2-ADE6-4F96-A2E7-1DCCA819D657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:internet_faststart:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61FEF2E3-1939-42B3-B32F-A22C173A186A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:internet_faststart:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A95C1672-F798-44D2-94A1-19492C395FF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19F7B3-9043-4E53-90DE-92A4387858A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sco:openserver:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0169CBF5-9301-42D2-A6DA-73393BD986D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.3u1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD1BA107-F2D3-4F13-82EC-4576C429E3C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1070749A-65E9-439A-A7CC-3CE529A5D5E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A22D21-E0A9-4B56-86C7-805AD1A610D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file."
}
],
"id": "CVE-1999-0129",
"lastModified": "2024-11-20T23:27:55.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1996-12-03T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.cert.org/advisories/CA-1996-25.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cert.org/advisories/CA-1996-25.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1997-01-01 05:00
Modified
2024-11-20 23:28
Severity ?
Summary
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.6.9 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "64735DDE-2FA2-4C30-80D7-E5D7764280C4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sendmail 8.6.9 allows remote attackers to execute root commands, using ident."
}
],
"id": "CVE-1999-0204",
"lastModified": "2024-11-20T23:28:07.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1997-01-01T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0204"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1995-08-17 04:00
Modified
2024-11-20 23:28
Severity ?
Summary
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.6.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C39E29CD-70F7-4C96-93DD-18BD4C6DDFA4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Sendmail, attackers can gain root privileges via SMTP by specifying an improper \"mail from\" address and an invalid \"rcpt to\" address that would cause the mail to bounce to a program."
}
],
"id": "CVE-1999-0203",
"lastModified": "2024-11-20T23:28:07.383",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1995-08-17T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0203"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
1999-12-07 05:00
Modified
2024-11-20 23:29
Severity ?
Summary
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 8.9.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4273E93-B536-4B2C-8DAD-84A6F5E38890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail."
}
],
"id": "CVE-1999-0976",
"lastModified": "2024-11-20T23:29:58.997",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "1999-12-07T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-23 04:00
Modified
2024-11-20 23:32
Severity ?
Summary
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_allman | sendmail | 5.58 | |
| eric_allman | sendmail | 5.59 | |
| eric_allman | sendmail | 8.6.x | |
| eric_allman | sendmail | 8.7.1 | |
| eric_allman | sendmail | 8.7.2 | |
| eric_allman | sendmail | 8.7.3 | |
| eric_allman | sendmail | 8.7.4 | |
| eric_allman | sendmail | 8.7.5 | |
| eric_allman | sendmail | 8.7.6 | |
| eric_allman | sendmail | 8.7.x | |
| eric_allman | sendmail | 8.8 | |
| eric_allman | sendmail | 8.8.1 | |
| eric_allman | sendmail | 8.8.2 | |
| eric_allman | sendmail | 8.8.3 | |
| eric_allman | sendmail | 8.8.4 | |
| eric_allman | sendmail | 8.8.5 | |
| eric_allman | sendmail | 8.8.x | |
| eric_allman | sendmail | 8.9.1 | |
| eric_allman | sendmail | 8.9.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:5.58:*:*:*:*:*:*:*",
"matchCriteriaId": "1D07F493-9C8D-44A4-8652-F28B46CBA27C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:5.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B8863BB7-833C-462F-BF5F-B27761B05E6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.6.x:*:*:*:*:*:*:*",
"matchCriteriaId": "11C2CB74-F51B-40B9-8008-5EAEA9E8F896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D488B8-49D0-4AFD-A5C1-63CB036E3886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E2EE58-BCAD-4F26-94B6-F91CF1731429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "10AC2FAD-C4AD-46DD-88D1-4F99433B3476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3B730F70-5662-4BE4-8202-93E12620CBD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6D5E9F-275F-41EB-9707-6B7F129A700F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "02C8FAE4-24FF-49E3-A0D5-A94EBCC80EF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.7.x:*:*:*:*:*:*:*",
"matchCriteriaId": "94C2D541-2E53-44F1-A891-D601F402E1B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C973CF06-BEE8-4D79-8649-1510E9EFC29D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56D2BAF2-F430-41A1-8DEE-1D9CB2A56C32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5E36E877-6028-49DE-8B2E-3087A141F8EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D8484F8-8712-4B55-A163-BA492B4D0095",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D15777E6-6951-4559-B19F-08CE6246BF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5ADBDC99-E03C-42FC-9A97-133D45FF4810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.8.x:*:*:*:*:*:*:*",
"matchCriteriaId": "8A712A7D-1E91-4FE7-A871-5DF20F441198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F81633D9-456A-4377-93F5-E294146FF2D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_allman:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D4273E93-B536-4B2C-8DAD-84A6F5E38890",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mail.local in Sendmail 8.10.x does not properly identify the .\\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\\n."
}
],
"id": "CVE-2000-0319",
"lastModified": "2024-11-20T23:32:13.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-23T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1146"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=2694.000424%40SECURITY.NNOV.RU"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=2694.000424%40SECURITY.NNOV.RU"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}