Vulnerability Description
Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eric Allman | Sendmail | 8.6 |
| Bsdi | Bsd Os | 2.1 |
| Digital | Osf 1 | 1.3.2 |
| Freebsd | Freebsd | 2.1.5 |
| Hp | Hp-Ux | 10.01 |
| Ibm | Aix | 3.2 |
| Redhat | Linux | 3.0.3 |
| Sco | Internet Faststart | 1.0 |
| Sco | Openserver | 5.0 |
References
FAQ
What is CVE-1999-0131?
CVE-1999-0131 is a vulnerability with a CVSS score of 7.2 (HIGH). Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.
How severe is CVE-1999-0131?
CVE-1999-0131 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-0131?
Check the references section above for vendor advisories and patch information. Affected products include: Eric Allman Sendmail, Bsdi Bsd Os, Digital Osf 1, Freebsd Freebsd, Hp Hp-Ux.