VDB

CVE-2002-1165

CVE-2002-1165 PUBLISHED CVSS 4.599999904632568 MEDIUM

Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.

EPSS 1.14% · 78.7th percentile

Risk Scores

CVSS 2.0
4.599999904632568
EPSS Score
1.14%
78.7th percentile

Affected Products

VendorProductVersions
sendmailsendmail8.12.6, 8.12.2, 8.12.0
n/an/an/a
netbsdnetbsd1.5.2, 1.5.3, 1.5.1

Timeline

  • Oct 3, 2002 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 9, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 3, 2023 EPSS Score
  • Jul 17, 2023 EPSS Score
  • Sep 8, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›