CVE-2014-3956
https://notcve.org/view.php?id=CVE-2014-3956
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program. La función sm_close_on_exec en conf.c en sendmail anterior a 8.14.9 tiene argumentos en el orden erróneo, y como consecuencia evade configurar etiquetas FD_CLOEXEC esperadas, lo que permite a usuarios locales acceder a descriptores de archivos de número alto no intencionados a través de un programa de entrega de correo personalizado. • ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES http://advisories.mageia.org/MGASA-2014-0270.html http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html http://secunia.com/advisories/57455 http://secunia.com/advisories/58628 http://security.gentoo.org • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2007-2246
https://notcve.org/view.php?id=CVE-2007-2246
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434. Vulnerabilidad no especificada en HP-UX B.11.00 y B.11.11, cuando se ejecuta sendmail 8.9.3 o 8.11.1; y HP-UX B.11.23 cuando se ejecuta sendmail 8.11.1; permite a los atacantes remotos causar una denegación de servicio a través de vectores de ataque desconocidos. NOTA: debido a la falta de detalles de HP, no se sabe si este problema es un duplicado de otro CVE como CVE-2006-1173 o CVE-2006-4434. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00841370 http://secunia.com/advisories/24990 http://www.kb.cert.org/vuls/id/349305 http://www.securityfocus.com/bid/23606 http://www.securitytracker.com/id?1017966 http://www.vupen.com/english/advisories/2007/1504 • CWE-399: Resource Management Errors •
CVE-2003-0694 – Sendmail SMTP Address prescan Memory Corruption
https://notcve.org/view.php?id=CVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. La función de prescan en Sendmail 8.12.9 permite a atacantes remotos ejecutar código arbitrario mediante ataques de desbordamiento de búfer, como se demostró usando la función parseaddr en parseaddr.c. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106381604923204&w=2 http://marc.info/?l=bugtraq&m=106382859407683&w=2 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/? •
CVE-2003-0681 – Sendmail 8.12.9 - 'Prescan()' Variant Remote Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. Un "desbordamiento de búfer potencial en el análisis de reglas" (ruleset parsing) en Sendmail 8.12.9 cuando se usan los conjuntos de reglas no estándar: (1) receptor, (2) final, o (3) receptores de envoltorio específicos del enviador de correo, tienen consecuencias desconocidas. • https://www.exploit-db.com/exploits/23154 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/?l=bugtraq&m=106398718909274&w=2 http://www.debian.org/security/2003/dsa-384 http://www.kb.cert.org/vuls/id/108964 http://www.mandriva.com/security/advisories?name=MDKSA-2003:092 http://www.redhat.com/support/errata/RHSA-2003-283.html http://www.securityfocus.com/bid/8649 http://www •
CVE-2003-0161 – Sendmail 8.12.8 (BSD) - 'Prescan()' Remote Command Execution
https://notcve.org/view.php?id=CVE-2003-0161
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. • https://www.exploit-db.com/exploits/24 https://www.exploit-db.com/exploits/22442 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614 http://lists.apple.com/mhonarc/secur •