Filtered by vendor Sendmail
Subscribe
Total
33 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0715 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 2.1 LOW | N/A |
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode. | |||||
CVE-2003-0688 | 6 Compaq, Freebsd, Openbsd and 3 more | 6 Tru64, Freebsd, Openbsd and 3 more | 2024-02-04 | 5.0 MEDIUM | N/A |
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. | |||||
CVE-1999-1109 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 5.0 MEDIUM | N/A |
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated. | |||||
CVE-1999-1309 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 7.2 HIGH | N/A |
Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option. | |||||
CVE-2002-1165 | 2 Netbsd, Sendmail | 2 Netbsd, Sendmail | 2024-02-04 | 4.6 MEDIUM | N/A |
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified. | |||||
CVE-1999-1580 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2024-02-04 | 7.2 HIGH | N/A |
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option. | |||||
CVE-2003-0308 | 2 Debian, Sendmail | 2 Debian Linux, Sendmail | 2024-02-04 | 7.2 HIGH | N/A |
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. | |||||
CVE-2002-1827 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 2.1 LOW | N/A |
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files. | |||||
CVE-2003-0694 | 11 Apple, Compaq, Freebsd and 8 more | 18 Mac Os X, Mac Os X Server, Tru64 and 15 more | 2024-02-04 | 10.0 HIGH | N/A |
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | |||||
CVE-1999-1592 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2024-02-04 | 7.5 HIGH | N/A |
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. | |||||
CVE-2002-0906 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server. | |||||
CVE-2003-0681 | 8 Apple, Gentoo, Hp and 5 more | 14 Mac Os X, Mac Os X Server, Linux and 11 more | 2024-02-04 | 7.5 HIGH | N/A |
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | |||||
CVE-1999-0478 | 1 Sendmail | 1 Sendmail | 2024-02-04 | 5.0 MEDIUM | N/A |
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections. |