Home/Product/sendmail
Product

sendmail

49 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2023-51765
< 8.18.0.2
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation techniq
5.3MEDIUM
 CVE-2021-3618
< 8.17
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but usin
7.4HIGH
 CVE-2014-3956
<= 8.14.8
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting
 CVE-2009-4565
<= 8.14.3
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) al
 CVE-2009-1490
<= 8.13.1.2
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possi
 CVE-2007-2246
all versions
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running send
 CVE-2006-7176
all versions
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" do
 CVE-2006-7175
all versions
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SS
 CVE-2006-4434
< 8.13.8
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "he
7.5HIGH
 CVE-2006-1173
<= 8.13.6
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages t
 CVE-2006-0058
all versions
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering tim
 CVE-2005-2070
all versions
The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to c
 CVE-2003-0688
all versions
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data stru
 CVE-2003-0694
all versions
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstr
 CVE-2003-0681
all versions
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final
 CVE-2003-0308
all versions
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gai
 CVE-2003-0161
all versions
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions
 CVE-2002-1337
< 8.9.3
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields,
 CVE-2002-2423
all versions
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP
 CVE-2002-2261
all versions
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by sp
 CVE-2002-1827
all versions
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2)
 CVE-2002-1165
all versions
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/199
 CVE-2002-0906
all versions
Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers t
 CVE-2001-0715
<= 8.12.1
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive informatio
 CVE-2001-0714
<= 8.12.1
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) b
 CVE-2001-0713
<= 8.12.1
Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allo
 CVE-2001-0653
all versions
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a la
 CVE-2001-1349
all versions
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the
 CVE-2000-0319
all versions
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a r
 CVE-1999-1592
all versions
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors
 CVE-1999-1109
<= 8.10.0
Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnectin
 CVE-1999-0976
all versions
Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by int
 CVE-1999-0684
all versions
Denial of service in Sendmail 8.8.6 in HPUX.
 CVE-1999-0365
all versions
The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry.
 CVE-1999-0393
all versions
Remote attackers can cause a denial of service in Sendmail 8.8.x and 8.9.2 by sending messages with a large number of headers.
 CVE-1999-0205
all versions
Denial of service in Sendmail 8.6.11 and 8.6.12.
 CVE-1999-0478
<= 8.9.2
Denial of service in HP-UX sendmail 8.8.6 related to accepting connections.
 CVE-1999-0047
all versions
MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4.
 CVE-1999-0204
all versions
Sendmail 8.6.9 allows remote attackers to execute root commands, using ident.
 CVE-1999-0163
all versions
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
 CVE-1999-0129
all versions
Sendmail allows local users to write to a file and gain group permissions via a .forward or :include: file.
 CVE-1999-0130
all versions
Local users can start Sendmail in daemon mode and gain root privileges.
 CVE-1999-0206
all versions
MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access.
 CVE-1999-0131
all versions
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
 CVE-1999-1309
<= 8.6.7
Sendmail before 8.6.7 allows local users to gain root access via a large value in the debug (-d) command line option.
 CVE-1999-1580
all versions
SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privilege
 CVE-1999-0203
all versions
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" ad
 CVE-1999-0145
all versions
Sendmail WIZ command enabled, allowing root access.
 CVE-1999-0095
all versions
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin