Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail sendmail 3.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0308
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.9
Sendmail Sendmail 8.9.3
Debian Debian Linux 3.0
NA
CVE-2009-1490
Heap-based buffer overflow in Sendmail prior to 8.13.2 allows remote malicious users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
Sendmail Sendmail 2.6.2
Sendmail Sendmail 8.9.2
Sendmail Sendmail 8.12.11
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.8.8
Sendmail Sendmail 8.11.7
Sendmail Sendmail 2.6.1
Sendmail Sendmail 8.12
Sendmail Sendmail 5
Sendmail Sendmail 2.6
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.6.7
Sendmail Sendmail 8.7.9
Sendmail Sendmail 5.59
Sendmail Sendmail 5.61
Sendmail Sendmail 8.12.9
Sendmail Sendmail 8.9.1
Sendmail Sendmail 3.0.1
1 EDB exploit
NA
CVE-2009-4565
sendmail prior to 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle malicious users to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate C...
Sendmail Sendmail 8.9.2
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.8.8
Sendmail Sendmail 8.11.7
Sendmail Sendmail 8.13.1
Sendmail Sendmail 8.12
Sendmail Sendmail 5
Sendmail Sendmail 2.6
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.13.5
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.13.8
Sendmail Sendmail 8.11.3
Sendmail Sendmail 2.6.1
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.6.7
Sendmail Sendmail 8.7.9
Sendmail Sendmail 5.59
Sendmail Sendmail 5.61
Sendmail Sendmail 8.12.9
NA
CVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
Sendmail Sendmail Switch 2.1.2
Sendmail Sendmail Switch 3.0.2
Sendmail Sendmail Switch 2.2.2
Sendmail Sendmail 2.6.2
Sendmail Sendmail 8.9.2
Sendmail Sendmail Switch 2.1.1
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.8.8
Sendmail Sendmail 8.12
Sendmail Sendmail 2.6
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.0
Sendmail Sendmail Switch 2.1.3
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.11.3
Sendmail Sendmail Switch 2.2.1
Sendmail Sendmail 2.6.1
Sendmail Advanced Message Server 1.3
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.12.9
Sendmail Sendmail 8.9.1
Sendmail Sendmail Pro 8.9.2
1 EDB exploit
NA
CVE-2003-0161
The prescan() function in the address parser (parseaddr.c) in Sendmail prior to 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" co...
Sendmail Sendmail Switch 2.1.2
Sendmail Sendmail Switch 3.0.2
Sendmail Sendmail Switch 2.2.2
Sendmail Sendmail 2.6.2
Sendmail Sendmail 8.9.2
Sendmail Sendmail Switch 2.1.1
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.12
Sendmail Sendmail 2.6
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.0
Sendmail Sendmail Switch 2.1.3
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.11.3
Sendmail Sendmail Switch 2.2.1
Sendmail Sendmail 2.6.1
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.9.1
Sendmail Sendmail Switch 2.2
Sendmail Sendmail 8.10.2
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.9.0
2 EDB exploits
1 Github repository
NA
CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote malicious users to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Sendmail Sendmail Switch 2.1.2
Sendmail Sendmail Switch 3.0.2
Sendmail Sendmail Switch 2.2.2
Sendmail Sendmail 2.6.2
Sendmail Sendmail 8.9.2
Sendmail Sendmail Switch 2.1.1
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.8.8
Sendmail Sendmail 8.12
Sgi Irix 6.5.17f
Sendmail Sendmail 2.6
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.0
Sendmail Sendmail Switch 2.1.3
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.11.3
Sendmail Sendmail Switch 2.2.1
Sendmail Sendmail 2.6.1
Sendmail Advanced Message Server 1.3
Sendmail Sendmail 8.12.8
Sgi Irix 6.5.18f
Sgi Irix 6.5.19f
1 Github repository
NA
CVE-2002-1337
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote malicious users to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
Sendmail Sendmail
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
Hp Hp-ux 11.11
Netbsd Netbsd 1.5
Windriver Bsdos 4.2
Sun Sunos 5.7
Sun Sunos 5.8
Gentoo Linux 1.4
Hp Hp-ux 11.00
Windriver Bsdos 5.0
Netbsd Netbsd 1.5.1
Hp Hp-ux 11.0.4
Oracle Solaris 8
Hp Hp-ux 11.22
Netbsd Netbsd 1.5.2
Oracle Solaris 9
Hp Alphaserver Sc
Hp Hp-ux 10.20
Windriver Platform Sa 1.0
Hp Hp-ux 10.10
Windriver Bsdos 4.3.1
3 EDB exploits
1 Github repository
NA
CVE-1999-0769
Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.
Paul Vixie Vixie Cron 3.0 Pl1
Redhat Linux 5.1
Debian Debian Linux 2.2
Debian Debian Linux 2.1
Redhat Linux 5.2
Caldera Openlinux 2.2
Redhat Linux 6.0
Redhat Linux 5.0
Redhat Linux 4.1
Redhat Linux 4.0
Redhat Linux 4.2
1 EDB exploit
NA
CVE-2004-0833
Sendmail prior to 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote malicious users to use Sendmail as an open mail relay and send spam messages.
Debian Debian Linux 3.0
NA
CVE-2006-1015
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote malicious users to read and create arbitrary files via the sendmail -...
Php Php 4.3.9
Php Php 3.0
Php Php 3.0.5
Php Php 3.0.11
Php Php 5.1.2
Php Php 4.2.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.2
Php Php 5.0.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 5.0
Php Php 3.0.8
Php Php 5.0.5
Php Php 4.3.6
Php Php 3.0.13
Php Php 5.0.1
Php Php 4.0.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »