cbcvebase.

Sendmail vulnerabilities

34 known vulnerabilities affecting sendmail/sendmail.

Total CVEs
34
CISA KEV
0
Public exploits
10
Exploited in wild
3
Severity breakdown
CRITICAL3HIGH14MEDIUM12LOW5

Vulnerabilities

Page 1 of 2
CVE-2003-0694P2CRITICALCVSS 10.0ExploitedPoCv2.6v2.6.1+31 more2003-10-06
CVE-2003-0694 [CRITICAL] CVE-2003-0694: The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
nvdosv
CVE-2003-0681P2HIGHCVSS 7.5ExploitedPoCv2.6v2.6.1+31 more2003-10-06
CVE-2003-0681 [HIGH] CVE-2003-0681: A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rul A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
nvdosv
CVE-2006-4434P2HIGHCVSS 7.5Exploitedfixed in 8.13.82006-08-29
CVE-2006-4434 [HIGH] CWE-416 CVE-2006-4434: Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with
nvdosv
CVE-2002-1337P2CRITICALCVSS 10.0PoCfixed in 8.9.3≥ 8.10.0, < 8.11.6+1 more2003-03-07
CVE-2002-1337 [CRITICAL] CWE-120 CVE-2002-1337: Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via cer Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
nvdosv
CVE-2006-0058P3HIGHCVSS 7.6PoCv8.13.0v8.13.1+4 more2006-03-22
CVE-2006-0058 [HIGH] CVE-2006-0058: Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute ar Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
nvdosv
CVE-2003-0161P3CRITICALCVSS 10.0PoCv2.6v2.6.1+29 more2003-04-02
CVE-2003-0161 [CRITICAL] CVE-2003-0161: The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not proper The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary
nvdosv
CVE-2009-1490P3MEDIUMCVSS 5.0PoC≤ 8.13.1.2v2.6+49 more2009-05-05
CVE-2009-1490 [MEDIUM] CWE-119 CVE-2009-1490: Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of se Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
nvdosv
CVE-2021-3618P3HIGHCVSS 7.4fixed in 8.172022-03-23
CVE-2021-3618 [HIGH] CWE-295 CVE-2021-3618: ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementin ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS sess
nvdosv
CVE-2009-4565P3HIGHCVSS 7.5≤ 8.14.3v2.6+56 more2010-01-04
CVE-2009-4565 [HIGH] CVE-2009-4565: sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a
nvdosv
CVE-1999-1109P4MEDIUMCVSS 5.0PoC≤ 8.10.01999-12-22
CVE-1999-1109 [MEDIUM] CVE-1999-1109: Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of E Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
nvd
CVE-2002-1165P4MEDIUMCVSS 4.6PoCv8.12.0v8.12.1+5 more2002-10-11
CVE-2002-1165 [MEDIUM] CVE-2002-1165: Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other ver Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
nvdosv
CVE-2001-0653P4MEDIUMCVSS 4.6PoCv8.11.0v8.11.1+5 more2001-09-20
CVE-2001-0653 [MEDIUM] CVE-2001-0653: Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and pos Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
nvd
CVE-2007-2246P4HIGHCVSS 7.8v8.9.3v8.11.12007-04-25
CVE-2007-2246 [HIGH] CVE-2007-2246: Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and H Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-200
nvd
CVE-2002-2261P4HIGHCVSS 7.5v8.9.0v8.9.1+22 more2002-12-31
CVE-2002-2261 [HIGH] CWE-264 CVE-2002-2261: Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by th Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
nvdosv
CVE-2002-1827P4LOWCVSS 2.1PoCv8.9.0v8.9.1+17 more2002-12-31
CVE-2002-1827 [LOW] CVE-2002-1827: Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclus Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
nvdosv
CVE-2004-0833P4HIGHCVSS 7.5≥ 0, < 8.13.1-132004-12-23
CVE-2004-0833 [HIGH] CVE-2004-0833: Sendmail before 8 Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
osv
CVE-2023-51765P4MEDIUMCVSS 5.3fixed in 8.18.0.22023-12-24
CVE-2023-51765 [MEDIUM] CWE-345 CVE-2023-51765: sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports . but some other popular e-mail servers do not. This is resolved in 8.18
nvdosv
CVE-2002-0906P4HIGHCVSS 7.5v8.12.0v8.12.1+2 more2002-10-04
CVE-2002-0906 [HIGH] CVE-2002-0906: Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT reco Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
nvdosv
CVE-2006-7175P4HIGHCVSS 7.5v8.13.1.22007-03-27
CVE-2006-7175 [HIGH] CVE-2006-7175: The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow t The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.
nvd
CVE-1999-1580P4HIGHCVSS 7.2v5.59v5.61+1 more1995-08-23
CVE-1999-1580 [HIGH] CVE-1999-1580: SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows loca SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.
nvd
Sendmail vulnerabilities | cvebase