This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sendmail:sendmail:8.12:beta7
Detail
VendorSendmailFirst view 2001-05-28
ProductSendmailLast view 2010-01-04
Version8.12TypeApplication
Edition 
Language 
Updatebeta7 
 
CPE Productcpe:/a:sendmail:sendmail

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.52010-01-04CVE-2009-4565NetworkLowNone Requ...
52009-05-05CVE-2009-1490NetworkLowNone Requ...
52006-08-28CVE-2006-4434NetworkLowNone Requ...
52006-06-07CVE-2006-1173NetworkLowNone Requ...
52005-06-29CVE-2005-2070NetworkLowNone Requ...
Hide | Show 8 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
102003-10-06CVE-2003-0694NetworkLowNone Requ...
7.52003-10-06CVE-2003-0681NetworkLowNone Requ...
102003-04-02CVE-2003-0161NetworkLowNone Requ...
102003-03-07CVE-2002-1337NetworkLowNone Requ...
7.52002-12-31CVE-2002-2261NetworkLowNone Requ...
2.12002-12-31CVE-2002-1827LocalLowNone Requ...
4.62001-09-20CVE-2001-0653LocalLowNone Requ...
3.72001-05-28CVE-2001-1349LocalHighNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (2)CWE-399Resource Management Errors
20% (1)CWE-310Cryptographic Issues
20% (1)CWE-264Permissions, Privileges, and Access Controls
20% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
CAPEC-14Client-side Injection-induced Buffer Overflow
Hide | Show 13 More...
idName
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-42MIME Conversion
CAPEC-44Overflow Binary Resource File
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-67String Format Overflow in syslog()
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-92Forced Integer Overflow
CAPEC-100Overflow Buffers
CAPEC-123Buffer Attacks
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:2222Sendmail Address Processor Buffer Overflow
oval:org.mitre.oval:def:8512HP-UX Running sendmail, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:6892HP-UX Running sendmail, Remote Denial of Service (DoS)
oval:org.mitre.oval:def:595Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606Sendmail Ruleset Parsing Buffer Overflow
Hide | Show 8 More...
idName
oval:org.mitre.oval:def:603Sendmail BO in prescan Function
oval:org.mitre.oval:def:572Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975Sendmail prescan function Buffer Overflow
oval:org.mitre.oval:def:11253Sendmail before 8.13.7 allows remote attackers to cause a denial of service v...
oval:org.mitre.oval:def:22058RHSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:11822HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access.
oval:org.mitre.oval:def:10255sendmail before 8.14.4 does not properly handle a '\0' character in a Common ...
oval:org.mitre.oval:def:23064ELSA-2010:0237: sendmail security and bug fix update (Low)

Open Source Vulnerability Database (OSVDB)

idDescription
62373Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness
60140Sendmail Spoofed DNS Hostname check_relay Function Bypass
59769Sendmail Multiple Configuration File Lock Local DoS
54669Sendmail Mail X-Header Handling Remote Overflow
28193Sendmail Header Processing Overflow DoS
Hide | Show 7 More...
idDescription
26197Sendmail Multi-Part MIME Message Handling DoS
17562ClamAV clamav-milter Remote Connection Hold DoS
8294Sendmail NOCHAR Control Value prescan Overflow
5429Sendmail Insecure Signal Handling Local DoS
4502Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
2577Sendmail prescan() Function Remote Overflow
605Sendmail -d category Value Local Overflow

Metasploit Exploits

idDescription
2003-09-17Sendmail SMTP Address prescan Memory Corruption

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-10Name : Gentoo Security Advisory GLSA 201206-30 (sendmail)
File : nvt/glsa_201206_30.nasl
2011-02-18Name : RedHat Update for sendmail RHSA-2011:0262-01
File : nvt/gb_RHSA-2011_0262-01_sendmail.nasl
2010-06-25Name : Fedora Update for sendmail FEDORA-2010-5470
File : nvt/gb_fedora_2010_5470_sendmail_fc12.nasl
2010-06-18Name : Fedora Update for sendmail FEDORA-2010-5399
File : nvt/gb_fedora_2010_5399_sendmail_fc11.nasl
2010-04-06Name : RedHat Update for sendmail RHSA-2010:0237-05
File : nvt/gb_RHSA-2010_0237-05_sendmail.nasl
Hide | Show 20 More...
idDescription
2010-03-31Name : HP-UX Update for sendmail with STARTTLS Enabled HPSBUX02508
File : nvt/gb_hp_ux_HPSBUX02508.nasl
2010-01-20Name : HP-UX Update for sendmail HPSBUX02495
File : nvt/gb_hp_ux_HPSBUX02495.nasl
2010-01-19Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail)
File : nvt/gb_mandriva_MDVSA_2010_003.nasl
2010-01-04Name : Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnera...
File : nvt/sendmail_37543.nasl
2009-10-10Name : SLES9: Security update for sendmail
File : nvt/sles9p5014809.nasl
2009-05-13Name : Sendmail Buffer Overflow Vulnerability
File : nvt/gb_sendmail_bof_vuln.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00246
File : nvt/gb_hp_ux_HPSBUX00246.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00281
File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200606-19 (sendmail)
File : nvt/glsa_200606_19.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:17.sendmail.asc)
File : nvt/freebsdsa_sendmail2.nasl
2008-01-17Name : Debian Security Advisory DSA 737-1 (clamav)
File : nvt/deb_737_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-1 (sendmail)
File : nvt/deb_1155_1.nasl
2008-01-17Name : Debian Security Advisory DSA 257-1 (sendmail)
File : nvt/deb_257_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-2 (sendmail)
File : nvt/deb_1155_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1164-1 (sendmail)
File : nvt/deb_1164_1.nasl
2008-01-17Name : Debian Security Advisory DSA 278-1 (sendmail)
File : nvt/deb_278_1.nasl
2008-01-17Name : Debian Security Advisory DSA 278-2 (sendmail)
File : nvt/deb_278_2.nasl
2008-01-17Name : Debian Security Advisory DSA 290-1 (sendmail-wide)
File : nvt/deb_290_1.nasl
2008-01-17Name : Debian Security Advisory DSA 384-1 (sendmail)
File : nvt/deb_384_1.nasl
2005-11-03Name : Sendmail remote header buffer overflow
File : nvt/sendmail_header.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2010-A-0002Sendmail SSL Certificate Validation Vulnerability
Severity : Category I - VMSKEY : V0022182

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 23
2014-01-10RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 23
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269-community - Type : SERVER-MAIL - Revision : 15
Hide | Show 20 More...
DateDescription
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too long addresses overflow
RuleID : 2268-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail MAIL FROM prescan too long addresses overflow
RuleID : 2268 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267-community - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail SOML FROM prescan too long addresses overflow
RuleID : 2266-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SOML FROM prescan too long addresses overflow
RuleID : 2266 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265-community - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265 - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SAML FROM prescan too long addresses overflow
RuleID : 2264-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too long addresses overflow
RuleID : 2264 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too long addresses overflow
RuleID : 2262-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too long addresses overflow
RuleID : 2262 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261 - Type : SERVER-MAIL - Revision : 16
2014-01-10VRFY overflow attempt
RuleID : 2260-community - Type : SERVER-MAIL - Revision : 17
2014-01-10VRFY overflow attempt
RuleID : 2260 - Type : SERVER-MAIL - Revision : 17
2014-01-10EXPN overflow attempt
RuleID : 2259-community - Type : SERVER-MAIL - Revision : 17

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U477911.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U497412.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72836.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72837.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ70637.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20100330_sendmail_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110216_sendmail_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-06-26Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201206-30.nasl - Type : ACT_GATHER_INFO
2012-01-12Name : The remote Debian host is missing a security-related update.
File : debian_DSA-773.nasl - Type : ACT_GATHER_INFO
2011-11-18Name : The remote mail server is susceptible to a denial of service attack.
File : sendmail_8_13_8.nasl - Type : ACT_GATHER_INFO
2011-04-22Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2010-10-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_sendmail-6860.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5399.nasl - Type : ACT_GATHER_INFO
2010-07-01Name : The remote Fedora host is missing a security update.
File : fedora_2010-5470.nasl - Type : ACT_GATHER_INFO
2010-05-11Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2010-0237.nasl - Type : ACT_GATHER_INFO
2010-03-02Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12590.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote SuSE 11 host is missing a security update.
File : suse_11_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote SuSE system is missing a security patch for rmail
File : suse_11_1_rmail-100218.nasl - Type : ACT_GATHER_INFO
2010-03-01Name : The remote SuSE system is missing a security patch for rmail
File : suse_11_0_rmail-100218.nasl - Type : ACT_GATHER_INFO