CVE-1999-0203

3 documents3 sources
Severity
10.0CRITICAL
EPSS
0.5%
top 34.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Eric Allman Sendmail
Timeline
PublishedAug 17
Latest updateApr 30

Description

In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-8vhw-fcrr-hw7r: In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cau2022-04-30
CVEList
CVE-1999-0203: In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cau2000-04-25
CVE-1999-0203 (CRITICAL CVSS 10) | In Sendmail | cvebase.io