CVE-1999-0131

CVSS 2.0 Score 7.2 of 10 (high)

Details

Published Sep 11, 1996

Updated: Nov 20, 2024

Summary

CVE-1999-0131 is a significant vulnerability affecting Sendmail versions 8.7.5 and earlier. This issue allows local users to exploit a buffer overflow and denial of service vulnerability in the GECOS field, granting them root access to the system. The GECOS field, which stands for General Electric Comprehensive Operating System, is used to store the user's full name. By manipulating this field, an attacker can trigger the buffer overflow, potentially crashing the Sendmail service and gaining unauthorized root access. This vulnerability poses a serious threat to systems running the affected Sendmail versions and requires immediate patching to prevent potential unauthorized access.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

IBM AIX
HP-UX family of operating systems
Red Hat Enterprise Linux
FreeBSD

Affected Vendors

IBM Corporation
Red Hat
FreeBSD Project
HP

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners