Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0713
Sendmail prior to 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1...
Sendmail Sendmail
NA
CVE-2001-0715
Sendmail prior to 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.
Sendmail Sendmail
NA
CVE-1999-0478
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
Sendmail Sendmail
NA
CVE-2001-0714
Sendmail prior to 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS ...
Sendmail Sendmail
7.5
CVSSv3
CVE-2006-4434
Use-after-free vulnerability in Sendmail prior to 8.13.8 allows remote malicious users to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of thi...
Sendmail Sendmail
NA
CVE-1999-1109
Sendmail prior to 8.10.0 allows remote malicious users to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the commands after the connection has been terminated.
Sendmail Sendmail
1 EDB exploit
NA
CVE-1999-1309
Sendmail prior to 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
Sendmail Sendmail
NA
CVE-2006-7176
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and previous versions does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote malicious users to spoof messages.
Sendmail Sendmail 8.13.1.2
NA
CVE-2006-7175
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and previous versions does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.
Sendmail Sendmail 8.13.1.2
NA
CVE-1999-1592
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
Sendmail Sendmail 5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »