Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sendmail vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-0058
Signal handler race condition in Sendmail 8.13.x prior to 8.13.6 allows remote malicious users to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Sendmail Sendmail 8.13.2
Sendmail Sendmail 8.13.3
Sendmail Sendmail 8.13.0
Sendmail Sendmail 8.13.1
Sendmail Sendmail 8.13.4
Sendmail Sendmail 8.13.5
1 EDB exploit
NA
CVE-2002-0906
Buffer overflow in Sendmail prior to 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.0
NA
CVE-2002-1165
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows malicious users to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2)...
Sendmail Sendmail 8.12.0
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.5
Sendmail Sendmail 8.12.6
Netbsd Netbsd 1.5
Netbsd Netbsd 1.5.1
Netbsd Netbsd 1.5.2
Netbsd Netbsd 1.5.3
Netbsd Netbsd 1.6
1 EDB exploit
NA
CVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
Sendmail Advanced Message Server 1.2
Sendmail Advanced Message Server 1.3
Sendmail Sendmail 8.10
Sendmail Sendmail 8.10.1
Sendmail Sendmail 8.11.5
Sendmail Sendmail 8.11.6
Sendmail Sendmail 8.12.6
Sendmail Sendmail 8.12.7
Sendmail Sendmail 8.8.8
Sendmail Sendmail 8.9.0
Sendmail Sendmail Switch 2.1.1
Sendmail Sendmail Switch 2.1.2
Sendmail Sendmail Switch 2.2.3
Sendmail Sendmail Switch 2.2.4
Sendmail Sendmail 2.6.2
Sendmail Sendmail 3.0
Sendmail Sendmail 3.0.1
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12
1 EDB exploit
NA
CVE-2003-0161
The prescan() function in the address parser (parseaddr.c) in Sendmail prior to 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" co...
Sendmail Sendmail 2.6
Sendmail Sendmail 8.10
Sendmail Sendmail 8.10.1
Sendmail Sendmail 8.11.6
Sendmail Sendmail 8.12.0
Sendmail Sendmail 8.12.7
Sendmail Sendmail 8.12.8
Sendmail Sendmail 8.9.1
Sendmail Sendmail 8.9.2
Sendmail Sendmail Switch 2.2
Sendmail Sendmail Switch 2.2.1
Sendmail Sendmail Switch 3.0.2
Sendmail Sendmail Switch 3.0.3
Sendmail Sendmail 3.0
Sendmail Sendmail 3.0.1
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12
Sendmail Sendmail Switch 2.1.1
2 EDB exploits
1 Github repository
NA
CVE-2003-0308
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12.9
Sendmail Sendmail 8.9.3
Debian Debian Linux 3.0
NA
CVE-2003-0688
The DNS map code in Sendmail 8.12.8 and previous versions, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote malicious users to cause a denial of service (process crash) via an invalid DNS response that causes S...
Redhat Sendmail 8.12.8-4
Sendmail Sendmail 8.12.1
Sendmail Sendmail 8.12.8
Sgi Irix 6.5.19
Redhat Sendmail 8.12.5-7
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.5
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.12.3
Sgi Irix 6.5.20
Sgi Irix 6.5.21
Sendmail Sendmail 8.12.6
Sendmail Sendmail 8.12.7
Freebsd Freebsd 4.7
Freebsd Freebsd 4.8
Compaq Tru64 5.0a
Freebsd Freebsd 5.0
Openbsd Openbsd 3.2
Compaq Tru64 5.1
Freebsd Freebsd 4.6
NA
CVE-2007-2246
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote malicious users to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is no...
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.9.3
NA
CVE-2000-0319
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote malicious user to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.
Eric Allman Sendmail 8.7.1
Eric Allman Sendmail 8.7.6
Eric Allman Sendmail 8.7.5
Eric Allman Sendmail 8.7.4
Eric Allman Sendmail 8.8.x
Eric Allman Sendmail 8.8.2
Eric Allman Sendmail 8.9.1
Eric Allman Sendmail 8.8.1
Eric Allman Sendmail 8.7.2
Eric Allman Sendmail 8.9.3
Eric Allman Sendmail 8.6.x
Eric Allman Sendmail 8.7.3
Eric Allman Sendmail 5.58
Eric Allman Sendmail 8.8.3
Eric Allman Sendmail 8.8.4
Eric Allman Sendmail 5.59
Eric Allman Sendmail 8.8
Eric Allman Sendmail 8.7.x
Eric Allman Sendmail 8.8.5
NA
CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote malicious users to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Sendmail Advanced Message Server 1.3
Sendmail Sendmail 2.6
Sendmail Sendmail 8.10
Sendmail Sendmail 8.10.1
Sendmail Sendmail 8.11.5
Sendmail Sendmail 8.11.6
Sendmail Sendmail 8.12.7
Sendmail Sendmail 3.0
Sendmail Sendmail 3.0.1
Sendmail Sendmail 8.11.1
Sendmail Sendmail 8.11.2
Sendmail Sendmail 8.12.2
Sendmail Sendmail 8.12.3
Sendmail Sendmail 8.12
Sendmail Sendmail 8.9.3
Sendmail Advanced Message Server 1.2
Sendmail Sendmail 3.0.2
Sendmail Sendmail 3.0.3
Sendmail Sendmail 8.11.3
Sendmail Sendmail 8.11.4
Sendmail Sendmail 8.12.4
Sendmail Sendmail 8.12.5
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »