mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
Max CVSS
5.0
EPSS Score
0.25%
Published
2000-04-23
Updated
2008-09-10
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
Max CVSS
2.1
EPSS Score
0.06%
Published
1999-12-07
Updated
2008-09-09
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
Max CVSS
5.0
EPSS Score
0.85%
Published
1999-01-01
Updated
2016-10-18
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
Max CVSS
10.0
EPSS Score
0.75%
Published
1996-10-01
Updated
2022-08-17
Denial of service in Sendmail 8.6.11 and 8.6.12.
Max CVSS
5.0
EPSS Score
3.98%
Published
1999-01-01
Updated
2022-08-17
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
Max CVSS
10.0
EPSS Score
3.64%
Published
1997-01-01
Updated
2022-08-17
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
Max CVSS
10.0
EPSS Score
1.50%
Published
1995-08-17
Updated
2022-08-17
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
Max CVSS
7.2
EPSS Score
0.04%
Published
1997-01-01
Updated
2022-08-17
Sendmail WIZ command enabled, allowing root access.
Max CVSS
7.2
EPSS Score
0.08%
Published
1993-09-30
Updated
2019-06-11
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
Max CVSS
7.2
EPSS Score
0.04%
Published
1996-09-11
Updated
2008-09-09
Local users can start Sendmail in daemon mode and gain root privileges.
Max CVSS
7.2
EPSS Score
0.04%
Published
1996-11-16
Updated
2008-09-09
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
Max CVSS
4.6
EPSS Score
0.05%
Published
1996-12-03
Updated
2022-08-17
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
Max CVSS
10.0
EPSS Score
7.76%
Published
1988-10-01
Updated
2019-06-11
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
Max CVSS
10.0
EPSS Score
0.75%
Published
1997-01-28
Updated
2008-09-09
14 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!