Eric Allman: >> Sendmail Security Vulnerabilities
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVSS Score
7.2
EPSS Score
0.001
Published
1996-09-11
In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program.
CVSS Score
10.0
EPSS Score
0.005
Published
1995-08-17
Sendmail WIZ command enabled, allowing root access.
CVSS Score
7.2
EPSS Score
0.005
Published
1993-09-30
The debug command in Sendmail is enabled, allowing attackers to execute commands as root.
CVSS Score
10.0
EPSS Score
0.119
Published
1988-10-01
Page 2