Lucene search
HistoryMay 05, 2009 - 7:30 p.m.
CVE-2009-1490
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
8
Confidence
High
EPSS
0.065
Percentile
93.7%
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
Affected configurations
Node
sendmailsendmailRangeβ€8.13.1.2
ORsendmailsendmailMatch2.6
ORsendmailsendmailMatch2.6nt
ORsendmailsendmailMatch2.6.1
ORsendmailsendmailMatch2.6.1nt
ORsendmailsendmailMatch2.6.2
ORsendmailsendmailMatch3.0
ORsendmailsendmailMatch3.0nt
ORsendmailsendmailMatch3.0.1
ORsendmailsendmailMatch3.0.1nt
ORsendmailsendmailMatch3.0.2
ORsendmailsendmailMatch3.0.2nt
ORsendmailsendmailMatch3.0.3
ORsendmailsendmailMatch4.1
ORsendmailsendmailMatch4.55
ORsendmailsendmailMatch5
ORsendmailsendmailMatch5.59
ORsendmailsendmailMatch5.61
ORsendmailsendmailMatch5.65
ORsendmailsendmailMatch8.6.7
ORsendmailsendmailMatch8.7.6
ORsendmailsendmailMatch8.7.7
ORsendmailsendmailMatch8.7.8
ORsendmailsendmailMatch8.7.9
ORsendmailsendmailMatch8.7.10
ORsendmailsendmailMatch8.8.8
ORsendmailsendmailMatch8.9.0
ORsendmailsendmailMatch8.9.1
ORsendmailsendmailMatch8.9.2
ORsendmailsendmailMatch8.9.3
ORsendmailsendmailMatch8.10
ORsendmailsendmailMatch8.10.0
ORsendmailsendmailMatch8.10.1
ORsendmailsendmailMatch8.10.2
ORsendmailsendmailMatch8.11.0
ORsendmailsendmailMatch8.11.1
ORsendmailsendmailMatch8.11.2
ORsendmailsendmailMatch8.11.3
ORsendmailsendmailMatch8.11.4
ORsendmailsendmailMatch8.11.5
ORsendmailsendmailMatch8.11.6
ORsendmailsendmailMatch8.11.7
ORsendmailsendmailMatch8.12beta10
ORsendmailsendmailMatch8.12beta12
ORsendmailsendmailMatch8.12beta16
ORsendmailsendmailMatch8.12beta5
ORsendmailsendmailMatch8.12beta7
ORsendmailsendmailMatch8.12.0
ORsendmailsendmailMatch8.12.1
ORsendmailsendmailMatch8.12.2
ORsendmailsendmailMatch8.12.3
ORsendmailsendmailMatch8.12.4
ORsendmailsendmailMatch8.12.5
ORsendmailsendmailMatch8.12.6
ORsendmailsendmailMatch8.12.7
ORsendmailsendmailMatch8.12.8
ORsendmailsendmailMatch8.12.9
ORsendmailsendmailMatch8.12.10
ORsendmailsendmailMatch8.12.11
ORsendmailsendmailMatch8.13.0
Related
prion
prion
Heap overflow
2009-05-05 19:30:00
cve
cve
CVE-2009-1490
2009-05-05 19:30:00
seebug
seebug
Sendmail X-header倴θΏη¨ε ζΊ’εΊζΌζ΄
2009-05-17 00:00:00
openvas
openvas
Sendmail Buffer Overflow Vulnerability
2009-05-13 00:00:00
Sendmail Buffer Overflow Vulnerability
2009-05-13 00:00:00
ubuntucve
ubuntucve
CVE-2009-1490
2009-05-05 00:00:00
cvelist
cvelist
CVE-2009-1490
2009-05-05 19:00:00
debiancve
debiancve
CVE-2009-1490
2009-05-05 19:30:00
nessus
nessus
Sendmail < 8.13.2 Mail X-Header Handling Remote Overflow
2009-05-24 00:00:00
oraclelinux
oraclelinux
sendmail security and bug fix update
2011-02-23 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
8
Confidence
High
EPSS
0.065
Percentile
93.7%
Related for NVD:CVE-2009-1490