Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0130

4 documents4 sources
Severity
7.2HIGH
EPSS
0.9%
top 24.55%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
7
Bsdi BSD OSCaldera Network DesktopEric Allman Sendmail+4 more
Timeline
PublishedNov 16
Latest updateApr 30

Description

Local users can start Sendmail in daemon mode and gain root privileges.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages6 packages

NVDeric_allman/sendmail4 versions+3
NVDibm/aix4.2
NVDhp/hp-ux4 versions+3
NVDbsdi/bsd_os2.1
NVDredhat/linux4.0

Also affects: Freebsd 2.1.5, 2.1.6

🔴Vulnerability Details

2
GHSA
GHSA-rxx7-9cxm-4hfx: Local users can start Sendmail in daemon mode and gain root privileges2022-04-30
CVEList
CVE-1999-0130: Local users can start Sendmail in daemon mode and gain root privileges1999-09-29

💥Exploits & PoCs

1
Exploit-DB
BSD 2 / CND 1 / Sendmail 8.x / FreeBSD 2.1.x / HP-UX 10.x / AIX 4 / RedHat 4 - Sendmail Daemon1996-11-16
CVE-1999-0130 (HIGH CVSS 7.2) | Local users can start Sendmail in d | cvebase.io