Vulnerabilities > Sendmail
| Date | CVE | Title | Description | Score |
|---|---|---|---|---|
| 2014-06-04 | CVE-2014-3956 | Information Exposure vulnerability in multiple products | The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. | 1.9 |
| 2010-01-04 | CVE-2009-4565 | Cryptographic Issues vulnerability in Sendmail | sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. | 7.5 |
| 2009-05-05 | CVE-2009-1490 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Sendmail | Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header. | 5.0 |
| 2007-04-25 | CVE-2007-2246 | Resource Management Errors vulnerability in Sendmail 8.11.1/8.9.3 | Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. | 7.8 |
| 2007-03-27 | CVE-2006-7176 | Localhost.Localdomain Email Spoofing vulnerability in Sendmail 8.13.1-2 | The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages. | 4.3 |
| 2007-03-27 | CVE-2006-7175 | Remote Security vulnerability in Sendmail 8.13.1-2 | The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired. | 7.5 |
| 2006-08-29 | CVE-2006-4434 | Resource Management Errors vulnerability in Sendmail | Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. | 5.0 |
| 2006-06-07 | CVE-2006-1173 | Resource Management Errors vulnerability in Sendmail | Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files. | 5.0 |
| 2006-03-22 | CVE-2006-0058 | Remote Code Execution vulnerability in Sendmail Asynchronous Signal Handling | Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations. | 7.6 |
| 2005-06-29 | CVE-2005-2070 | Remote Denial Of Service Weakness in Sendmail Milter | The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading. | 5.0 |