This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sendmail:sendmail:8.12:beta5
Detail
VendorSendmailFirst view 2001-09-20
ProductSendmailLast view 2010-01-04
Version8.12TypeApplication
Edition 
Language 
Updatebeta5 
 
CPE Productcpe:/a:sendmail:sendmail

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.5 2010-01-04 CVE-2009-4565 Network Low None Requ...
5 2009-05-05 CVE-2009-1490 Network Low None Requ...
5 2006-08-28 CVE-2006-4434 Network Low None Requ...
5 2006-06-07 CVE-2006-1173 Network Low None Requ...
5 2005-06-29 CVE-2005-2070 Network Low None Requ...
Hide | Show 7 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
10 2003-10-06 CVE-2003-0694 Network Low None Requ...
7.5 2003-10-06 CVE-2003-0681 Network Low None Requ...
10 2003-04-02 CVE-2003-0161 Network Low None Requ...
10 2003-03-07 CVE-2002-1337 Network Low None Requ...
7.5 2002-12-31 CVE-2002-2261 Network Low None Requ...
2.1 2002-12-31 CVE-2002-1827 Local Low None Requ...
4.6 2001-09-20 CVE-2001-0653 Local Low None Requ...

CWE : Common Weakness Enumeration

%idName
40% (2)CWE-399Resource Management Errors
20% (1)CWE-310Cryptographic Issues
20% (1)CWE-264Permissions, Privileges, and Access Controls
20% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
CAPEC-14Client-side Injection-induced Buffer Overflow
Hide | Show 13 More...
idName
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-42MIME Conversion
CAPEC-44Overflow Binary Resource File
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-67String Format Overflow in syslog()
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-92Forced Integer Overflow
CAPEC-100Overflow Buffers
CAPEC-123Buffer Attacks
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:2222Sendmail Address Processor Buffer Overflow
oval:org.mitre.oval:def:8512HP-UX Running sendmail, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:6892HP-UX Running sendmail, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:595Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606Sendmail Ruleset Parsing Buffer Overflow
Hide | Show 10 More...
idName
oval:org.mitre.oval:def:603Sendmail BO in prescan Function
oval:org.mitre.oval:def:572Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975Sendmail prescan function Buffer Overflow
oval:org.mitre.oval:def:11253Sendmail before 8.13.7 allows remote attackers to cause a denial of service v...
oval:org.mitre.oval:def:6719DSA-1985 sendmail -- insufficient input validation
oval:org.mitre.oval:def:22058RHSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:20232DSA-1985-1 sendmail - insufficient input validation
oval:org.mitre.oval:def:11822HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access.
oval:org.mitre.oval:def:10255sendmail before 8.14.4 does not properly handle a '\0' character in a Common ...
oval:org.mitre.oval:def:23064ELSA-2010:0237: sendmail security and bug fix update (Low)

Open Source Vulnerability Database (OSVDB)

idDescription
62373Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness
60140Sendmail Spoofed DNS Hostname check_relay Function Bypass
59769Sendmail Multiple Configuration File Lock Local DoS
54669Sendmail Mail X-Header Handling Remote Overflow
28193Sendmail Header Processing Overflow DoS
Hide | Show 6 More...
idDescription
26197Sendmail Multi-Part MIME Message Handling DoS
17562ClamAV clamav-milter Remote Connection Hold DoS
8294Sendmail NOCHAR Control Value prescan Overflow
4502Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
2577Sendmail prescan() Function Remote Overflow
605Sendmail -d category Value Local Overflow

Metasploit Exploits

idDescription
2003-09-17Sendmail SMTP Address prescan Memory Corruption

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-10Name : Gentoo Security Advisory GLSA 201206-30 (sendmail)
File : nvt/glsa_201206_30.nasl
2011-02-18Name : RedHat Update for sendmail RHSA-2011:0262-01
File : nvt/gb_RHSA-2011_0262-01_sendmail.nasl
2010-06-25Name : Fedora Update for sendmail FEDORA-2010-5470
File : nvt/gb_fedora_2010_5470_sendmail_fc12.nasl
2010-06-18Name : Fedora Update for sendmail FEDORA-2010-5399
File : nvt/gb_fedora_2010_5399_sendmail_fc11.nasl
2010-04-06Name : RedHat Update for sendmail RHSA-2010:0237-05
File : nvt/gb_RHSA-2010_0237-05_sendmail.nasl
Hide | Show 20 More...
idDescription
2010-03-31Name : HP-UX Update for sendmail with STARTTLS Enabled HPSBUX02508
File : nvt/gb_hp_ux_HPSBUX02508.nasl
2010-01-20Name : HP-UX Update for sendmail HPSBUX02495
File : nvt/gb_hp_ux_HPSBUX02495.nasl
2010-01-19Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail)
File : nvt/gb_mandriva_MDVSA_2010_003.nasl
2010-01-04Name : Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnera...
File : nvt/sendmail_37543.nasl
2009-10-10Name : SLES9: Security update for sendmail
File : nvt/sles9p5014809.nasl
2009-05-13Name : Sendmail Buffer Overflow Vulnerability
File : nvt/gb_sendmail_bof_vuln.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00246
File : nvt/gb_hp_ux_HPSBUX00246.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00281
File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200606-19 (sendmail)
File : nvt/glsa_200606_19.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:17.sendmail.asc)
File : nvt/freebsdsa_sendmail2.nasl
2008-01-17Name : Debian Security Advisory DSA 737-1 (clamav)
File : nvt/deb_737_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-1 (sendmail)
File : nvt/deb_1155_1.nasl
2008-01-17Name : Debian Security Advisory DSA 257-1 (sendmail)
File : nvt/deb_257_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-2 (sendmail)
File : nvt/deb_1155_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1164-1 (sendmail)
File : nvt/deb_1164_1.nasl
2008-01-17Name : Debian Security Advisory DSA 278-1 (sendmail)
File : nvt/deb_278_1.nasl
2008-01-17Name : Debian Security Advisory DSA 278-2 (sendmail)
File : nvt/deb_278_2.nasl
2008-01-17Name : Debian Security Advisory DSA 290-1 (sendmail-wide)
File : nvt/deb_290_1.nasl
2008-01-17Name : Debian Security Advisory DSA 384-1 (sendmail)
File : nvt/deb_384_1.nasl
2005-11-03Name : Sendmail remote header buffer overflow
File : nvt/sendmail_header.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2010-A-0002Sendmail SSL Certificate Validation Vulnerability
Severity : Category I - VMSKEY : V0022182

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 24
2014-01-10RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 24
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269-community - Type : SERVER-MAIL - Revision : 15
Hide | Show 20 More...
DateDescription
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too long addresses overflow
RuleID : 2268-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail MAIL FROM prescan too long addresses overflow
RuleID : 2268 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267-community - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail SOML FROM prescan too long addresses overflow
RuleID : 2266-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SOML FROM prescan too long addresses overflow
RuleID : 2266 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265-community - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265 - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SAML FROM prescan too long addresses overflow
RuleID : 2264-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too long addresses overflow
RuleID : 2264 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too long addresses overflow
RuleID : 2262-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too long addresses overflow
RuleID : 2262 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261 - Type : SERVER-MAIL - Revision : 16
2014-01-10VRFY overflow attempt
RuleID : 2260-community - Type : SERVER-MAIL - Revision : 17
2014-01-10VRFY overflow attempt
RuleID : 2260 - Type : SERVER-MAIL - Revision : 17
2014-01-10EXPN overflow attempt
RuleID : 2259-community - Type : SERVER-MAIL - Revision : 17

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U477911.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U497412.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72836.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72837.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ70637.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100330_sendmail_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110216_sendmail_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-06-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-30.nasl - Type : ACT_GATHER_INFO
2012-01-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO
2011-11-18Name : The remote mail server is susceptible to a denial of service attack.
File : sendmail_8_13_8.nasl - Type : ACT_GATHER_INFO
2011-04-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_sendmail-6860.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5399.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5470.nasl - Type : ACT_GATHER_INFO
2010-05-11Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0237.nasl - Type : ACT_GATHER_INFO
2010-03-02Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12590.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote SuSE 11 host is missing a security update.
File : suse_11_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote openSUSE host is missing a security update.
File : suse_11_1_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote openSUSE host is missing a security update.
File : suse_11_0_rmail-100218.nasl - Type : ACT_GATHER_INFO