MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.8.4 |
| bsdi | bsd_os | 2.1 |
| eric_allman | sendmail | 8.8.3 |
| caldera | openlinux | 1.0 |
Vacation program allows command execution by remote users through a sendmail command.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | vvos | * |
| sun | solaris | * |
| hp | hp-ux | 10.09 |
| hp | hp-ux | 9 |
| ibm | aix | * |
| sun | sunos | * |
| hp | hp-ux | 10.00 |
| freebsd | freebsd | 6.2 |
| eric_allman | vacation | * |
| hp | hp-ux | 10.24 |
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 5.58 |
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hp | hp-ux | 10.00 |
| eric_allman | sendmail | 8.8 |
| ibm | aix | 3.2 |
| bsdi | bsd_os | 2.1 |
| sun | sunos | 5.5 |
| eric_allman | sendmail | 8.8.1 |
| eric_allman | sendmail | 8.8.3 |
| sun | sunos | 4.1.4 |
| hp | hp-ux | 10.01 |
| freebsd | freebsd | 2.1.6.1 |
| sun | sunos | 4.1.3u1 |
| sun | solaris | 2.5 |
| sun | sunos | 5.4 |
| sco | openserver | 5.0 |
| sun | solaris | 2.5.1 |
| sco | internet_faststart | 1.1 |
| sun | sunos | 5.5.1 |
| hp | hp-ux | 10.10 |
| sun | sunos | 5.3 |
| eric_allman | sendmail | 8.8.2 |
| hp | hp-ux | 10.16 |
| ibm | aix | 4.1 |
| sun | solaris | 2.4 |
| hp | hp-ux | 10.20 |
| sco | openserver | 5.0.2 |
| sco | internet_faststart | 1.0 |
| freebsd | freebsd | 2.1.5 |
| freebsd | freebsd | 2.1.6 |
| ibm | aix | 4.2 |
Local users can start Sendmail in daemon mode and gain root privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.7 |
| caldera | network_desktop | 1.0 |
| hp | hp-ux | 10.10 |
| hp | hp-ux | 10.00 |
| eric_allman | sendmail | 8.8.2 |
| eric_allman | sendmail | 8.8 |
| redhat | linux | 4.0 |
| bsdi | bsd_os | 2.1 |
| eric_allman | sendmail | 8.8.1 |
| hp | hp-ux | 10.20 |
| freebsd | freebsd | 2.1.5 |
| freebsd | freebsd | 2.1.6 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.01 |
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| sco | openserver | 5.0 |
| eric_allman | sendmail | 8.6 |
| eric_allman | sendmail | 8.7.2 |
| eric_allman | sendmail | 8.7.3 |
| hp | hp-ux | 10.10 |
| eric_allman | sendmail | 8.7.4 |
| digital | osf_1 | 1.3.2 |
| ibm | aix | 3.2 |
| eric_allman | sendmail | 8.7.5 |
| bsdi | bsd_os | 2.1 |
| ibm | aix | 4.1 |
| hp | hp-ux | 10.20 |
| sco | openserver | 5.0.2 |
| redhat | linux | 3.0.3 |
| sco | internet_faststart | 1.0 |
| eric_allman | sendmail | 8.7.1 |
| freebsd | freebsd | 2.1.5 |
| ibm | aix | 4.2 |
| hp | hp-ux | 10.01 |
Sendmail WIZ command enabled, allowing root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | * |
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | * |
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.6.10 |
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.6.9 |
Denial of service in Sendmail 8.6.11 and 8.6.12.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.6.12 |
| eric_allman | sendmail | 8.6.11 |
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.8.1 |
| eric_allman | sendmail | 8.8 |
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.9.2 |
| eric_allman | sendmail | 8.8 |
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.9.3 |
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| eric_allman | sendmail | 8.8.4 |
| eric_allman | sendmail | 8.9.1 |
| eric_allman | sendmail | 8.9.3 |
| eric_allman | sendmail | 8.7.2 |
| eric_allman | sendmail | 8.7.x |
| eric_allman | sendmail | 8.8.5 |
| eric_allman | sendmail | 8.7.3 |
| eric_allman | sendmail | 5.59 |
| eric_allman | sendmail | 8.8.2 |
| eric_allman | sendmail | 8.8 |
| eric_allman | sendmail | 8.7.4 |
| eric_allman | sendmail | 8.7.5 |
| eric_allman | sendmail | 8.8.1 |
| eric_allman | sendmail | 8.8.3 |
| eric_allman | sendmail | 8.8.x |
| eric_allman | sendmail | 8.6.x |
| eric_allman | sendmail | 5.58 |
| eric_allman | sendmail | 8.7.1 |
| eric_allman | sendmail | 8.7.6 |