Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2001-0713
HistoryOct 30, 2001 - 5:00 a.m.

CVE-2001-0713

2001-10-3005:00:00
[email protected]
web.nvd.nist.gov
2

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0

Percentile

5.1%

JSON

Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1) macro names that are one character long, (2) a variable setting which is processed by the setoption function, or (3) a Modifiers setting which is processed by the getmodifiers function.

Affected configurations

Nvd
Node
sendmailsendmailRange8.12.1
VendorProductVersionCPE
sendmailsendmail*cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*

Related

cvelist 1
openvas 1
nessus 1
cve 1
securityvulns 1
cvelist
cvelist
CVE-2001-0713
2001-10-12 04:00:00
openvas
openvas
Sendmail 8.12.0.x Custom Configuration File Vulnerability
2005-11-03 00:00:00
nessus
nessus
Sendmail -C Malformed Configuration Privilege Escalation
2002-08-18 00:00:00
cve
cve
CVE-2001-0713
2001-10-30 05:00:00
securityvulns
securityvulns
RAZOR advisory: multiple Sendmail vulnerabilities
2001-10-02 00:00:00

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for NVD:CVE-2001-0713
cvelist1openvas1nessus1cve1securityvulns1