Vulnerability Description
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
CVSS Score
3.7
LOW
AV:L/AC:H/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sendmail | Sendmail | 8.10 |
References
- http://archives.neohapsis.com/archives/sendmail/2001-q2/0001.html
- http://razor.bindview.com/publish/advisories/adv_sm8120.htmlExploitPatchVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2001-106.html
- http://www.iss.net/security_center/static/6633.php
- http://www.securityfocus.com/archive/1/187127Vendor Advisory
- http://www.securityfocus.com/bid/2794PatchVendor Advisory
- http://archives.neohapsis.com/archives/sendmail/2001-q2/0001.html
- http://razor.bindview.com/publish/advisories/adv_sm8120.htmlExploitPatchVendor Advisory
- http://rhn.redhat.com/errata/RHSA-2001-106.html
- http://www.iss.net/security_center/static/6633.php
- http://www.securityfocus.com/archive/1/187127Vendor Advisory
- http://www.securityfocus.com/bid/2794PatchVendor Advisory
FAQ
What is CVE-2001-1349?
CVE-2001-1349 is a vulnerability with a CVSS score of 3.7 (LOW). Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
How severe is CVE-2001-1349?
CVE-2001-1349 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1349?
Check the references section above for vendor advisories and patch information. Affected products include: Sendmail Sendmail.