← Back

CVE-2002-1165

nvd nist
Published: Oct 11, 2002Modified: Apr 16, 2026

JSON object

Loading...
4.6
Vector
AV:L/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 3.9 / Impact: 6.4
Source: NVD

Description

Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.

Affected (12)

Sendmail
1 product
Sendmail
Netbsd
1 product
Netbsd
Configuration A
7 vulnerable
Vulnerable SoftwareAffected Versions
Sendmail
Sendmail
Version 8.12.0
Sendmail
Version 8.12.1
Sendmail
Version 8.12.2
Sendmail
Version 8.12.3
Sendmail
Version 8.12.4
Sendmail
Version 8.12.5
Sendmail
Version 8.12.6
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Netbsd
Netbsd
Version 1.5.1
Netbsd
Version 1.5.2
Netbsd
Version 1.5.3
Netbsd
Version 1.5
Netbsd
Version 1.6

References (18)

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc (unsafe URL)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: cve@mitre.org
ExploitPatchVendor Advisory
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-023.txt.asc (unsafe URL)
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory

Timeline

No history available yet.