This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sendmail:sendmail:3.0.2::nt
Detail
VendorSendmailFirst view 1996-08-30
ProductSendmailLast view2014-06-04
Version3.0.2TypeApplication
Editionnt 
Language 
Update 
 
CPE Productcpe:/a:sendmail:sendmail

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
1.92014-06-04CVE-2014-3956LocalMediumNone Requ...
7.52010-01-04CVE-2009-4565NetworkLowNone Requ...
52009-05-05CVE-2009-1490NetworkLowNone Requ...
52006-06-07CVE-2006-1173NetworkLowNone Requ...
102003-03-07CVE-2002-1337NetworkLowNone Requ...
Hide | Show 6 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
2.12001-10-30CVE-2001-0715LocalLowNone Requ...
2.12001-10-30CVE-2001-0714LocalLowNone Requ...
4.62001-10-30CVE-2001-0713LocalLowNone Requ...
51999-12-22CVE-1999-1109NetworkLowNone Requ...
51998-12-01CVE-1999-0478NetworkLowNone Requ...
7.21996-08-30CVE-1999-1309LocalLowNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (1)CWE-399Resource Management Errors
25% (1)CWE-310Cryptographic Issues
25% (1)CWE-200Information Exposure
25% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
CAPEC-14Client-side Injection-induced Buffer Overflow
Hide | Show 13 More...
idName
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-42MIME Conversion
CAPEC-44Overflow Binary Resource File
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-67String Format Overflow in syslog()
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-92Forced Integer Overflow
CAPEC-100Overflow Buffers
CAPEC-123Buffer Attacks
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:11253Sendmail before 8.13.7 allows remote attackers to cause a denial of service v...
oval:org.mitre.oval:def:2222Sendmail Address Processor Buffer Overflow
oval:org.mitre.oval:def:5819sendmail release 8.8.6 causes Denial of Service failures.
oval:org.mitre.oval:def:26065SUSE-SU-2014:0872-1 -- Security update for sendmail
oval:org.mitre.oval:def:6719DSA-1985 sendmail -- insufficient input validation
Hide | Show 6 More...
idName
oval:org.mitre.oval:def:22058RHSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:20232DSA-1985-1 sendmail - insufficient input validation
oval:org.mitre.oval:def:11822HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access.
oval:org.mitre.oval:def:10255sendmail before 8.14.4 does not properly handle a '\0' character in a Common ...
oval:org.mitre.oval:def:23064ELSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:27847DEPRECATED: ELSA-2010-0237 -- sendmail security and bug fix update (low)

Open Source Vulnerability Database (OSVDB)

idDescription
62373Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness
54669Sendmail Mail X-Header Handling Remote Overflow
26197Sendmail Multi-Part MIME Message Handling DoS
9312HP-UX Sendmail Unspecified Connection DoS
9303Sendmail RestrictQueueRun Option Debug Mode Local Information Disclosure
Hide | Show 5 More...
idDescription
9302Sendmail RestrictQueueRun Option Multiple Argument Local DoS
9301Sendmail -C Malformed Configuration Local Privilege Escalation
7530Sendmail -debug Local Privilege Escalation
4502Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
1182Sendmail Crafted ETRN Commands Remote DoS

OpenVAS Exploits

idDescription
2012-08-10Name : Gentoo Security Advisory GLSA 201206-30 (sendmail)
File : nvt/glsa_201206_30.nasl
2011-02-18Name : RedHat Update for sendmail RHSA-2011:0262-01
File : nvt/gb_RHSA-2011_0262-01_sendmail.nasl
2010-06-25Name : Fedora Update for sendmail FEDORA-2010-5470
File : nvt/gb_fedora_2010_5470_sendmail_fc12.nasl
2010-06-18Name : Fedora Update for sendmail FEDORA-2010-5399
File : nvt/gb_fedora_2010_5399_sendmail_fc11.nasl
2010-04-06Name : RedHat Update for sendmail RHSA-2010:0237-05
File : nvt/gb_RHSA-2010_0237-05_sendmail.nasl
Hide | Show 18 More...
idDescription
2010-03-31Name : HP-UX Update for sendmail with STARTTLS Enabled HPSBUX02508
File : nvt/gb_hp_ux_HPSBUX02508.nasl
2010-01-19Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail)
File : nvt/gb_mandriva_MDVSA_2010_003.nasl
2010-01-04Name : Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnera...
File : nvt/sendmail_37543.nasl
2009-05-13Name : Sendmail Buffer Overflow Vulnerability
File : nvt/gb_sendmail_bof_vuln.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00246
File : nvt/gb_hp_ux_HPSBUX00246.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200606-19 (sendmail)
File : nvt/glsa_200606_19.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:17.sendmail.asc)
File : nvt/freebsdsa_sendmail2.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-1 (sendmail)
File : nvt/deb_1155_1.nasl
2008-01-17Name : Debian Security Advisory DSA 257-1 (sendmail)
File : nvt/deb_257_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-2 (sendmail)
File : nvt/deb_1155_2.nasl
2005-11-03Name : Sendmail custom configuration file
File : nvt/sendmail_custom_config.nasl
2005-11-03Name : Sendmail debug mode leak
File : nvt/sendmail_debug_leak.nasl
2005-11-03Name : Sendmail ETRN command DOS
File : nvt/sendmail_etrn_dos.nasl
2005-11-03Name : Sendmail remote header buffer overflow
File : nvt/sendmail_header.nasl
2005-11-03Name : Sendmail long debug local overflow
File : nvt/sendmail_long_debug.nasl
2005-11-03Name : Sendmail queue manipulation & destruction
File : nvt/sendmail_queue_destruction.nasl
2005-11-03Name : Sendmail 8.8.8 to 8.12.7 Double Pipe Access Validation Vulnerability
File : nvt/SHN_Sendmail_DoublePipe.nasl
0000-00-00Name : Slackware Advisory SSA:2006-166-01 sendmail
File : nvt/esoft_slk_ssa_2006_166_01.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2010-A-0002Sendmail SSL Certificate Validation Vulnerability
Severity : Category I - VMSKEY : V0022182

Snort® IPS/IDS

DateDescription
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269-community - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267-community - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265-community - Type : SERVER-MAIL - Revision : 14
Hide | Show 11 More...
DateDescription
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265 - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261 - Type : SERVER-MAIL - Revision : 16
2014-01-10VRFY overflow attempt
RuleID : 2260-community - Type : SERVER-MAIL - Revision : 17
2014-01-10VRFY overflow attempt
RuleID : 2260 - Type : SERVER-MAIL - Revision : 17
2014-01-10EXPN overflow attempt
RuleID : 2259-community - Type : SERVER-MAIL - Revision : 17
2014-01-10EXPN overflow attempt
RuleID : 2259 - Type : SERVER-MAIL - Revision : 17
2014-01-10From comment overflow attempt
RuleID : 2087-community - Type : SERVER-MAIL - Revision : 14
2014-01-10From comment overflow attempt
RuleID : 2087 - Type : SERVER-MAIL - Revision : 14

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02915.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02917.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02918.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02919.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02920.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ03121.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ03273.nasl - Type : ACT_GATHER_INFO
2015-03-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-128.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_sendmail_20141120.nasl - Type : ACT_GATHER_INFO
2014-12-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-32.nasl - Type : ACT_GATHER_INFO
2014-08-01Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-147.nasl - Type : ACT_GATHER_INFO
2014-07-05Name : The remote SuSE 11 host is missing a security update.
File : suse_11_rmail-140604.nasl - Type : ACT_GATHER_INFO
2014-06-20Name : The remote Fedora host is missing a security update.
File : fedora_2014-7095.nasl - Type : ACT_GATHER_INFO
2014-06-18Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-425.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote Fedora host is missing a security update.
File : fedora_2014-7093.nasl - Type : ACT_GATHER_INFO
2014-06-06Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-156-04.nasl - Type : ACT_GATHER_INFO
2014-06-03Name : The remote mail server is affected by an SMTP connection manipulation vulnera...
File : sendmail_8_14_9.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U477911.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U497412.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO