Executive Summary

Informations
Name CVE-2001-0713 First vendor Publication 2001-10-30
Vendor Cve Last vendor Modification 2008-09-05

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 4.6 Attack Range Local
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1) macro names that are one character long, (2) a variable setting which is processed by the setoption function, or (3) a Modifiers setting which is processed by the getmodifiers function.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0713

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 48

OpenVAS Exploits

Date Description
2005-11-03 Name : Sendmail custom configuration file
File : nvt/sendmail_custom_config.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
9301 Sendmail -C Malformed Configuration Local Privilege Escalation

Nessus® Vulnerability Scanner

Date Description
2002-08-18 Name : The remote server is vulnerable to a privilege escalation attack.
File : sendmail_custom_config.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/3377
BINDVIEW http://razor.bindview.com/publish/advisories/adv_sm812.html
XF http://www.iss.net/security_center/static/7192.php

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2020-05-23 01:35:35
  • Multiple Updates
2020-05-23 00:14:41
  • Multiple Updates
2016-04-26 11:55:33
  • Multiple Updates
2014-02-17 10:23:54
  • Multiple Updates
2013-05-11 12:05:02
  • Multiple Updates