Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail sendmail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-7175
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and previous versions does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.
Sendmail Sendmail 8.13.1.2
NA
CVE-2006-7176
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and previous versions does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote malicious users to spoof messages.
Sendmail Sendmail 8.13.1.2
7.5
CVSSv3
CVE-2006-4434
Use-after-free vulnerability in Sendmail prior to 8.13.8 allows remote malicious users to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of thi...
Sendmail Sendmail
NA
CVE-2006-1173
Sendmail prior to 8.13.7 allows remote malicious users to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering...
Sendmail Sendmail 8.10.1
Sendmail Sendmail 8.10.2
Sendmail Sendmail 8.11.6
Sendmail Sendmail 8.11.7
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.5
Sendmail Sendmail 8.12
Sendmail Sendmail 8.9.2
Sendmail Sendmail 8.9.3
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.12.0
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.6
Sendmail Sendmail 8.12.7
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.13.3
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.13.0
Sendmail Sendmail 8.13.1
Sendmail Sendmail 8.10
Sendmail Sendmail 8.11.4
NA
CVE-2006-1903
Multiple cross-site scripting (XSS) vulnerabilities in UserLand Manila allow remote malicious users to inject arbitrary web script or HTML (1) via the referer parameter in sendMail, and via attributes of (2) the A element and certain other HTML elements in web pages edited with t...
Userland Manila
NA
CVE-2006-1721
digestmd5.c in the CMU Cyrus Simple Authentication and Security Layer (SASL) library 2.1.18, and possibly other versions prior to 2.1.21, allows remote unauthenticated malicious users to cause a denial of service (segmentation fault) via malformed inputs in DIGEST-MD5 negotiation...
Cyrus Sasl 2.1.18 R1
Cyrus Sasl 2.1.18 R2
Cyrus Sasl 2.1.19
Cyrus Sasl 2.1.20
Cyrus Sasl 2.1.18
NA
CVE-2006-0058
Signal handler race condition in Sendmail 8.13.x prior to 8.13.6 allows remote malicious users to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Sendmail Sendmail 8.13.2
Sendmail Sendmail 8.13.3
Sendmail Sendmail 8.13.0
Sendmail Sendmail 8.13.1
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.13.5
1 EDB exploit
NA
CVE-2006-1015
Argument injection vulnerability in certain PHP 3.x, 4.x, and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mail function, allows remote malicious users to read and create arbitrary files via the sendmail -...
Php Php 3.0.13
Php Php 3.0.14
Php Php 3.0.4
Php Php 3.0.5
Php Php 3.0.6
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.0.7
Php Php 4.2.3
Php Php 4.2
Php Php 4.3.4
Php Php 4.3.5
Php Php 4.4.2
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0.2
Php Php 5.1.0
Php Php 5.1.1
Php Php 3.0.1
Php Php 3.0.10
Php Php 3.0.17
Php Php 3.0.18
1 EDB exploit
NA
CVE-2006-1014
Argument injection vulnerability in certain PHP 4.x and 5.x applications, when used with sendmail and when accepting remote input for the additional_parameters argument to the mb_send_mail function, allows context-dependent malicious users to read and create arbitrary files by pr...
Php Php 4.2
Php Php 4.3.11
Php Php 4.3.3
Php Php 4.4.0
Php Php 4.4.1
Php Php 5.0.0
Php Php 5.0.1
Php Php 5.0
Php Php 5.1.0
Php Php 4.0.0
Php Php 4.3.6
Php Php 4.3.7
Php Php 5.0.4
Php Php 5.0.5
Php Php 4.3.4
Php Php 4.3.5
Php Php 5.0.2
Php Php 5.0.3
Php Php 4.3.10
Php Php 4.3.8
Php Php 4.3.9
1 EDB exploit
NA
CVE-2006-0845
Leif M. Wright's Blog 3.5 allows remote authenticated users with administrative privileges to execute arbitrary programs, including shell commands, by configuring the sendmail path to a malicious pathname.
Leif M. Wright Web Blog 3.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »