CVE-1999-0047
published 1997-01-28CVE-1999-0047: MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
PriorityP427critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.11%
86.2th percentile
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bsdi | bsd_os | — | — |
| caldera | openlinux | — | — |
| eric_allman | sendmail | — | — |
| eric_allman | sendmail | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
CAPEC
MIME Conversion
mitre_capec
[HIGH] MIME Conversion
CAPEC-42: MIME Conversion
An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
Execution Flow:
Step 1 [Explore]: [Identify target mail server] The adversary identifies a target mail server that they wish to attack.
Technique: Use Nmap on a system to identify a mail server service.
Step 2 [Explore]: [Determine viability of attack] Determine whether the mail server is unpatched and is potentially vulnerable to one of the known MIME conversion buffer overflows (e.g. Sendmail 8.8.3 and 8.8.4).
Step 3 [Experiment]: [Fin
1997-01-28
Published