This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:sendmail:sendmail:8.8.8
Detail
VendorSendmailFirst view 1998-12-01
ProductSendmailLast view2014-06-04
Version8.8.8TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:sendmail:sendmail

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
1.92014-06-04CVE-2014-3956LocalMediumNone Requ...
7.52010-01-04CVE-2009-4565NetworkLowNone Requ...
52009-05-05CVE-2009-1490NetworkLowNone Requ...
52006-08-28CVE-2006-4434NetworkLowNone Requ...
52006-06-07CVE-2006-1173NetworkLowNone Requ...
Hide | Show 9 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52005-06-29CVE-2005-2070NetworkLowNone Requ...
102003-10-06CVE-2003-0694NetworkLowNone Requ...
7.52003-10-06CVE-2003-0681NetworkLowNone Requ...
102003-03-07CVE-2002-1337NetworkLowNone Requ...
2.12001-10-30CVE-2001-0715LocalLowNone Requ...
2.12001-10-30CVE-2001-0714LocalLowNone Requ...
4.62001-10-30CVE-2001-0713LocalLowNone Requ...
51999-12-22CVE-1999-1109NetworkLowNone Requ...
51998-12-01CVE-1999-0478NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
40% (2)CWE-399Resource Management Errors
20% (1)CWE-310Cryptographic Issues
20% (1)CWE-200Information Exposure
20% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-8Buffer Overflow in an API Call
CAPEC-9Buffer Overflow in Local Command-Line Utilities
CAPEC-10Buffer Overflow via Environment Variables
CAPEC-14Client-side Injection-induced Buffer Overflow
Hide | Show 13 More...
idName
CAPEC-24Filter Failure through Buffer Overflow
CAPEC-42MIME Conversion
CAPEC-44Overflow Binary Resource File
CAPEC-45Buffer Overflow via Symbolic Links
CAPEC-46Overflow Variables and Tags
CAPEC-47Buffer Overflow via Parameter Expansion
CAPEC-67String Format Overflow in syslog()
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-92Forced Integer Overflow
CAPEC-100Overflow Buffers
CAPEC-123Buffer Attacks
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:603Sendmail BO in prescan Function
oval:org.mitre.oval:def:572Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975Sendmail prescan function Buffer Overflow
oval:org.mitre.oval:def:11253Sendmail before 8.13.7 allows remote attackers to cause a denial of service v...
oval:org.mitre.oval:def:2222Sendmail Address Processor Buffer Overflow
Hide | Show 11 More...
idName
oval:org.mitre.oval:def:5819sendmail release 8.8.6 causes Denial of Service failures.
oval:org.mitre.oval:def:26065SUSE-SU-2014:0872-1 -- Security update for sendmail
oval:org.mitre.oval:def:595Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606Sendmail Ruleset Parsing Buffer Overflow
oval:org.mitre.oval:def:6719DSA-1985 sendmail -- insufficient input validation
oval:org.mitre.oval:def:22058RHSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:20232DSA-1985-1 sendmail - insufficient input validation
oval:org.mitre.oval:def:11822HP-UX Running sendmail with STARTTLS Enabled, Remote Unauthorized Access.
oval:org.mitre.oval:def:10255sendmail before 8.14.4 does not properly handle a '\0' character in a Common ...
oval:org.mitre.oval:def:23064ELSA-2010:0237: sendmail security and bug fix update (Low)
oval:org.mitre.oval:def:27847DEPRECATED: ELSA-2010-0237 -- sendmail security and bug fix update (low)

Open Source Vulnerability Database (OSVDB)

idDescription
62373Sendmail X.509 Certificate Null Character MiTM Spoofing Weakness
54669Sendmail Mail X-Header Handling Remote Overflow
28193Sendmail Header Processing Overflow DoS
26197Sendmail Multi-Part MIME Message Handling DoS
17562ClamAV clamav-milter Remote Connection Hold DoS
Hide | Show 7 More...
idDescription
9312HP-UX Sendmail Unspecified Connection DoS
9303Sendmail RestrictQueueRun Option Debug Mode Local Information Disclosure
9302Sendmail RestrictQueueRun Option Multiple Argument Local DoS
9301Sendmail -C Malformed Configuration Local Privilege Escalation
4502Sendmail headers.c crackaddr Function Address Field Handling Remote Overflow
2577Sendmail prescan() Function Remote Overflow
1182Sendmail Crafted ETRN Commands Remote DoS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2012-08-10Name : Gentoo Security Advisory GLSA 201206-30 (sendmail)
File : nvt/glsa_201206_30.nasl
2011-02-18Name : RedHat Update for sendmail RHSA-2011:0262-01
File : nvt/gb_RHSA-2011_0262-01_sendmail.nasl
2010-06-25Name : Fedora Update for sendmail FEDORA-2010-5470
File : nvt/gb_fedora_2010_5470_sendmail_fc12.nasl
2010-06-18Name : Fedora Update for sendmail FEDORA-2010-5399
File : nvt/gb_fedora_2010_5399_sendmail_fc11.nasl
2010-04-06Name : RedHat Update for sendmail RHSA-2010:0237-05
File : nvt/gb_RHSA-2010_0237-05_sendmail.nasl
Hide | Show 20 More...
idDescription
2010-03-31Name : HP-UX Update for sendmail with STARTTLS Enabled HPSBUX02508
File : nvt/gb_hp_ux_HPSBUX02508.nasl
2010-01-19Name : Mandriva Update for sendmail MDVSA-2010:003 (sendmail)
File : nvt/gb_mandriva_MDVSA_2010_003.nasl
2010-01-04Name : Sendmail NULL Character CA SSL Certificate Validation Security Bypass Vulnera...
File : nvt/sendmail_37543.nasl
2009-10-10Name : SLES9: Security update for sendmail
File : nvt/sles9p5014809.nasl
2009-05-13Name : Sendmail Buffer Overflow Vulnerability
File : nvt/gb_sendmail_bof_vuln.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00246
File : nvt/gb_hp_ux_HPSBUX00246.nasl
2009-05-05Name : HP-UX Update for sendmail HPSBUX00281
File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200606-19 (sendmail)
File : nvt/glsa_200606_19.nasl
2008-09-04Name : FreeBSD Security Advisory (FreeBSD-SA-06:17.sendmail.asc)
File : nvt/freebsdsa_sendmail2.nasl
2008-01-17Name : Debian Security Advisory DSA 737-1 (clamav)
File : nvt/deb_737_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-1 (sendmail)
File : nvt/deb_1155_1.nasl
2008-01-17Name : Debian Security Advisory DSA 257-1 (sendmail)
File : nvt/deb_257_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1155-2 (sendmail)
File : nvt/deb_1155_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1164-1 (sendmail)
File : nvt/deb_1164_1.nasl
2008-01-17Name : Debian Security Advisory DSA 384-1 (sendmail)
File : nvt/deb_384_1.nasl
2005-11-03Name : Sendmail custom configuration file
File : nvt/sendmail_custom_config.nasl
2005-11-03Name : Sendmail debug mode leak
File : nvt/sendmail_debug_leak.nasl
2005-11-03Name : Sendmail ETRN command DOS
File : nvt/sendmail_etrn_dos.nasl
2005-11-03Name : Sendmail remote header buffer overflow
File : nvt/sendmail_header.nasl
2005-11-03Name : Sendmail queue manipulation & destruction
File : nvt/sendmail_queue_destruction.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2010-A-0002Sendmail SSL Certificate Validation Vulnerability
Severity : Category I - VMSKEY : V0022182

Snort® IPS/IDS

DateDescription
2014-01-10RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269-community - Type : SERVER-MAIL - Revision : 15
Hide | Show 16 More...
DateDescription
2014-01-10Sendmail RCPT TO prescan too many addresses overflow
RuleID : 2269 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267-community - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail MAIL FROM prescan too many addresses overflow
RuleID : 2267 - Type : SERVER-MAIL - Revision : 15
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265-community - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SOML FROM prescan too many addresses overflow
RuleID : 2265 - Type : SERVER-MAIL - Revision : 14
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SAML FROM prescan too many addresses overflow
RuleID : 2263 - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261-community - Type : SERVER-MAIL - Revision : 16
2014-01-10Sendmail SEND FROM prescan too many addresses overflow
RuleID : 2261 - Type : SERVER-MAIL - Revision : 16
2014-01-10VRFY overflow attempt
RuleID : 2260-community - Type : SERVER-MAIL - Revision : 17
2014-01-10VRFY overflow attempt
RuleID : 2260 - Type : SERVER-MAIL - Revision : 17
2014-01-10EXPN overflow attempt
RuleID : 2259-community - Type : SERVER-MAIL - Revision : 17
2014-01-10EXPN overflow attempt
RuleID : 2259 - Type : SERVER-MAIL - Revision : 17
2014-01-10From comment overflow attempt
RuleID : 2087-community - Type : SERVER-MAIL - Revision : 14
2014-01-10From comment overflow attempt
RuleID : 2087 - Type : SERVER-MAIL - Revision : 14
2014-01-10RCPT TO overflow
RuleID : 18574 - Type : SERVER-MAIL - Revision : 6

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02915.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02917.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02918.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02919.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ02920.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ03121.nasl - Type : ACT_GATHER_INFO
2018-04-10Name : The remote AIX host is missing a security patch.
File : aix_IJ03273.nasl - Type : ACT_GATHER_INFO
2015-03-30Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-128.nasl - Type : ACT_GATHER_INFO
2015-01-19Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_sendmail_20141120.nasl - Type : ACT_GATHER_INFO
2014-12-23Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-32.nasl - Type : ACT_GATHER_INFO
2014-08-01Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-147.nasl - Type : ACT_GATHER_INFO
2014-07-05Name : The remote SuSE 11 host is missing a security update.
File : suse_11_rmail-140604.nasl - Type : ACT_GATHER_INFO
2014-06-20Name : The remote Fedora host is missing a security update.
File : fedora_2014-7095.nasl - Type : ACT_GATHER_INFO
2014-06-18Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-425.nasl - Type : ACT_GATHER_INFO
2014-06-13Name : The remote Fedora host is missing a security update.
File : fedora_2014-7093.nasl - Type : ACT_GATHER_INFO
2014-06-06Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2014-156-04.nasl - Type : ACT_GATHER_INFO
2014-06-03Name : The remote mail server is affected by an SMTP connection manipulation vulnera...
File : sendmail_8_14_9.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0262.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U477911.nasl - Type : ACT_GATHER_INFO
2013-03-13Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U497412.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72510.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72515.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72528.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72834.nasl - Type : ACT_GATHER_INFO
2013-01-24Name : The remote AIX host is missing a security patch.
File : aix_IZ72835.nasl - Type : ACT_GATHER_INFO