Known Vulnerabilities for products from Sendmail
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Sendmail".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Sendmail can be found at device.report : Sendmail
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3618 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.4 - HIGH | 2022-03-23 | 2023-02-09 |
| CVE-2014-3956 | The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips se... | 1.9 - LOW | 2014-06-04 | 2017-12-29 |
| CVE-2009-4565 | sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (... | 7.5 - HIGH | 2010-01-04 | 2017-09-19 |
| CVE-2009-1490 | Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and ... | 5 - MEDIUM | 2009-05-05 | 2017-08-17 |
| CVE-2007-2246 | Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running... | 7.8 - HIGH | 2007-04-25 | 2019-10-09 |
| CVE-2006-7176 | The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomai... | 4.3 - MEDIUM | 2007-03-27 | 2017-10-11 |
| CVE-2006-7175 | The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disab... | 7.5 - HIGH | 2007-03-27 | 2008-09-05 |
| CVE-2006-4434 | Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a lon... | 5 - MEDIUM | 2006-08-29 | 2011-03-10 |
| CVE-2006-1173 | Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messa... | 5 - MEDIUM | 2006-06-07 | 2018-10-18 |
| CVE-2006-0058 | Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggerin... | 7.6 - HIGH | 2006-03-22 | 2018-10-19 |
| CVE-2005-2070 | The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers... | 5 - MEDIUM | 2005-06-29 | 2008-09-05 |
| CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as dem... | 10 - HIGH | 2003-10-06 | 2018-10-30 |
| CVE-2003-0688 | The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data... | 5 - MEDIUM | 2003-10-20 | 2018-05-03 |
| CVE-2003-0681 | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), ... | 7.5 - HIGH | 2003-10-06 | 2018-05-03 |
| CVE-2003-0308 | The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users t... | 7.2 - HIGH | 2003-05-15 | 2008-11-11 |
| CVE-2003-0161 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain convers... | 10 - HIGH | 2003-04-02 | 2018-10-30 |
| CVE-2002-2423 | Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent th... | 6.4 - MEDIUM | 2002-12-31 | 2008-09-05 |
| CVE-2002-2261 | Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function ... | 7.5 - HIGH | 2002-12-31 | 2017-10-11 |
| CVE-2002-1827 | Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias... | 2.1 - LOW | 2002-12-31 | 2008-09-05 |
| CVE-2002-1337 | Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fi... | 10 - HIGH | 2003-03-07 | 2018-10-30 |
Known software with vulnerabilities from Sendmail
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Sendmail | Advanced Message Server | - |
| Application | Sendmail | Intelligent Quarantine | - |
| Application | Sendmail | Managed Mta | - |
| Application | Sendmail | Message Store Sams | - |
| Application | Sendmail | Multi Switch | - |
| Application | Sendmail | Sendmail | - |
| Application | Sendmail | Sendmail Pro | 8.9.2 |
| Application | Sendmail | Sendmail Switch | - |
| Application | Sendmail | Sendmail Pro | - |
| Hardware | Sendmail | Sentrion | - |