Eric Allman » Sendmail : Security Vulnerabilities, CVEs, CVSS score >= 7
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
Max CVSS
10.0
EPSS Score
0.75%
Published
1996-10-01
Updated
2022-08-17
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
Max CVSS
10.0
EPSS Score
3.64%
Published
1997-01-01
Updated
2022-08-17
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
Max CVSS
10.0
EPSS Score
1.50%
Published
1995-08-17
Updated
2022-08-17
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2022-08-17
Sendmail WIZ command enabled, allowing root access.
Max CVSS
7.2
EPSS Score
0.08%
Published
1993-09-30
Updated
2019-06-11
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
Max CVSS
7.2
EPSS Score
0.04%
Published
1996-09-11
Updated
2008-09-09
Local users can start Sendmail in daemon mode and gain root privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
1996-11-16
Updated
2008-09-09
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
Max CVSS
10.0
EPSS Score
7.76%
Published
1988-10-01
Updated
2019-06-11
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
Max CVSS
10.0
EPSS Score
0.75%
Published
1997-01-28
Updated
2008-09-09
9 vulnerabilities found