The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequences or (2) "/" characters, which are not properly filtered or verified.
|2039||Sendmail < 8.12.8 Double Pipe smrsh Bypass Overflow||Nessus Network Monitor||SMTP Servers|
|2020||Sendmail < 8.12.8 Header Handling Remote Overflow||Nessus Network Monitor||SMTP Servers|
|13981||Mandrake Linux Security Advisory : sendmail (MDKSA-2002:083)||Nessus||Mandriva Local Security Checks|
|12335||RHEL 2.1 : sendmail (RHSA-2002:259)||Nessus||Red Hat Local Security Checks|
|11321||Sendmail 8.8.8 - 8.12.7 Multiple Vulnerabilities (Bypass, OF)||Nessus||SMTP problems|