SMTP vulnerabilities

Showing 101 - 112 of 112 CVEs

  1. CVE-1999-0047 Published Jan 28, 1997

    MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.

  2. CVE-1999-0204 Published Jan 1, 1997

    Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.

  3. CVE-1999-0163 Published Jan 1, 1997

    In older versions of Sendmail, an attacker could use a pipe character to execute root commands.

  4. CVE-1999-0129 Published Dec 3, 1996

    Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.

  5. CVE-1999-0130 Published Nov 16, 1996

    Local users can start Sendmail in daemon mode and gain root privileges.

  6. CVE-1999-0206 Published Oct 1, 1996

    MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.

  7. CVE-1999-0131 Published Sep 11, 1996

    Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

  8. CVE-1999-1309 Published Aug 30, 1996

    Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.

  9. CVE-1999-1580 Published Aug 23, 1995

    SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.

  10. CVE-1999-0203 Published Aug 17, 1995

    In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.

  11. CVE-1999-0145 Published Sep 30, 1993

    Sendmail WIZ command enabled, allowing root access.

  12. CVE-1999-0095 Published Oct 1, 1988

    The debug command in Sendmail is enabled, allowing attackers to execute commands as root.