Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-1278
The mailconf module in Linuxconf 1.24, and other versions prior to 1.28, on Conectiva Linux 6.0 through 8, and possibly other distributions, generates the Sendmail configuration file (sendmail.cf) in a way that configures Sendmail to run as an open mail relay, which allows remote...
Jacques Gelinas Linuxconf 1.2.5r3
Jacques Gelinas Linuxconf 1.2.4r2
4.6
CVSSv2
CVE-2002-1165
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows malicious users to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2)...
Sendmail Sendmail 8.12.0
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.5
Sendmail Sendmail 8.12.6
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
1 EDB exploit
7.5
CVSSv2
CVE-2002-0906
Buffer overflow in Sendmail prior to 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.0
7.5
CVSSv2
CVE-2002-0985
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow malicious users to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands.
Php Php
Openpkg Openpkg 1.1
Openpkg Openpkg 1.2
5
CVSSv2
CVE-2002-0986
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote malicious users to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
Php Php 4.0.3
Php Php 4.2.0
Php Php 4.2.1
Php Php 4.0.1
Php Php 4.0.2
Php Php 4.1.1
Php Php 4.1.2
Php Php 3.0.18
Php Php 4.0
Php Php 4.0.4
Php Php 4.0.5
Php Php 4.0.6
Php Php 4.2.2
Php Php 4.0.7
Php Php 4.1.0
2.1
CVSSv2
CVE-2001-0714
Sendmail prior to 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which causes Sendmail to drop queue entries, (2) via the -qR option, or (3) via the -qS ...
Sendmail Sendmail
2.1
CVSSv2
CVE-2001-0715
Sendmail prior to 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode.
Sendmail Sendmail
4.6
CVSSv2
CVE-2001-0713
Sendmail prior to 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1...
Sendmail Sendmail
10
CVSSv2
CVE-2001-0789
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote malicious users to cause a denial of service or possibly execute arbitrary code via a malformed mail message.
Kaspersky Kaspersky Anti-virus 3.5.132.2
4.6
CVSSv2
CVE-2001-0653
Sendmail 8.10.0 up to and including 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
Sendmail Sendmail 8.12
Sendmail Sendmail 8.11.0
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.11.5
4 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »