Sendmail

sendmail

Vendor: Eric Allman • 14 CVEs

CVEs (14)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2000-0319 1Eric Allman 1Sendmail Apr 16, 2026 Apr 23, 2000 N/A· v4 N/A· v3 5.0 MEDIUM· v2 mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that i...Show more mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n.Show less
CVE-1999-0976 1Eric Allman 1Sendmail Apr 16, 2026 Dec 7, 1999 N/A· v4 N/A· v3 2.1 LOW· v2 Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail.
CVE-1999-0393 1Eric Allman 1Sendmail Apr 16, 2026 Jan 1, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
CVE-1999-0205 1Eric Allman 1Sendmail Apr 16, 2026 Jan 1, 1999 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Denial of service in Sendmail 8.6.11 and 8.6.12.
CVE-1999-0047 3Bsdi CalderaEric Allman 3Bsd Os OpenlinuxSendmail Apr 16, 2026 Jan 28, 1997 N/A· v4 N/A· v3 10.0 HIGH· v2 MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
CVE-1999-0204 1Eric Allman 1Sendmail Apr 16, 2026 Jan 1, 1997 N/A· v4 N/A· v3 10.0 HIGH· v2 Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
CVE-1999-0163 1Eric Allman 1Sendmail Apr 16, 2026 Jan 1, 1997 N/A· v4 N/A· v3 7.2 HIGH· v2 In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
CVE-1999-0129 7Bsdi Eric AllmanFreebsd+4 more 9Aix Bsd OsFreebsd+6 more Apr 16, 2026 Dec 3, 1996 N/A· v4 N/A· v3 4.6 MEDIUM· v2 Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
CVE-1999-0130 7Bsdi CalderaEric Allman+4 more 7Aix Bsd OsFreebsd+4 more Apr 16, 2026 Nov 16, 1996 N/A· v4 N/A· v3 7.2 HIGH· v2 Local users can start Sendmail in daemon mode and gain root privileges.
CVE-1999-0206 1Eric Allman 1Sendmail Apr 16, 2026 Oct 1, 1996 N/A· v4 N/A· v3 10.0 HIGH· v2 MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
CVE-1999-0131 8Bsdi DigitalEric Allman+5 more 9Aix Bsd OsFreebsd+6 more Apr 16, 2026 Sep 11, 1996 N/A· v4 N/A· v3 7.2 HIGH· v2 Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVE-1999-0203 1Eric Allman 1Sendmail Apr 16, 2026 Aug 17, 1995 N/A· v4 N/A· v3 10.0 HIGH· v2 In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
CVE-1999-0145 1Eric Allman 1Sendmail Apr 16, 2026 Sep 30, 1993 N/A· v4 N/A· v3 7.2 HIGH· v2 Sendmail WIZ command enabled, allowing root access.
CVE-1999-0095 1Eric Allman 1Sendmail Apr 16, 2026 Oct 1, 1988 N/A· v4 N/A· v3 10.0 HIGH· v2 The debug command in Sendmail is enabled, allowing attackers to execute commands as root.