CVE-2002-1165 in Sendmailinfo

Summary

Sendmail Consortium s Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Disclosure

10/11/2002

Moderation

VulDB entry created

Entries

1: VDB-19074

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

5.9

EPSS

0.01538

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1165
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1165
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1165/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!