CVE-1999-1580

HIGH7.2/ 10.0
Share:
Published: August 23, 1995 at 04:00 AM
Modified: April 16, 2026 at 12:27 AM
Source: cve@mitre.org

Vulnerability Description

SunOS sendmail 5.59 through 5.65 uses popen to process a forwarding host argument, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable and passing crafted values to the -oR option.

CVSS Metrics

Base Score
7.2
Severity
HIGH
Vector String
AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses (CWE)

NVD-CWE-Other
Source: nvd@nist.gov

References & Intelligence

http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-21.html
Source: cve@mitre.org
Exploit
http://www.auscert.org.au/render.html?it=1853&cid=1978
Source: cve@mitre.org
Vendor Advisory
http://www.cert.org/advisories/CA-95.11.sun.sendmail-oR.vul
Source: cve@mitre.org
PatchThird Party AdvisoryUS Government Resource
http://www.kb.cert.org/vuls/id/3278
Source: cve@mitre.org
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/7829
Source: cve@mitre.org
http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-21.html
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.auscert.org.au/render.html?it=1853&cid=1978
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.cert.org/advisories/CA-95.11.sun.sendmail-oR.vul
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party AdvisoryUS Government Resource
http://www.kb.cert.org/vuls/id/3278
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
http://www.securityfocus.com/bid/7829
Source: af854a3a-2127-422b-91ae-364da2661108

Related Resources

Browse CVE Database
Search 294,000+ vulnerabilities
CVEs from 1999
View all vulnerabilities this year
CWE Database
Explore weakness categories
Security Writeups
Learn from real-world examples
About 4nuxd
Cybersecurity research & tools
Homepage
Explore more security resources