CVE-1999-0130

Sendmail <daemon mode - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-0130. PoCs published by Leshka Zakharoff.

AI-analyzed exploit summary This exploit leverages a vulnerability in Sendmail (versions 8.7-8.8.2) where a local user can bypass the daemon mode restriction and execute arbitrary code as root by manipulating the environment and sending a SIGHUP signal. The script compiles and executes a malicious program to spawn a root shell in /tmp.

Description

Local users can start Sendmail in daemon mode and gain root privileges.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Leshka Zakharoff · bashlocalmultiple

https://www.exploit-db.com/exploits/19556

View Code ZIP pw:eip

This exploit leverages a vulnerability in Sendmail (versions 8.7-8.8.2) where a local user can bypass the daemon mode restriction and execute arbitrary code as root by manipulating the environment and sending a SIGHUP signal. The script compiles and executes a malicious program to spawn a root shell in /tmp.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Sendmail <= 8.8.2

No auth needed

Prerequisites: Local access to the system · Sendmail installed and vulnerable version · Compiler (cc) available

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/716

Scores

EPSS 0.0106

EPSS Percentile 60.0%

Details

Status published

Products (14)

bsdi/bsd_os 2.1

caldera/network_desktop 1.0

eric_allman/sendmail 8.7

eric_allman/sendmail 8.8

eric_allman/sendmail 8.8.1

eric_allman/sendmail 8.8.2

freebsd/freebsd 2.1.5

freebsd/freebsd 2.1.6

hp/hp-ux 10.00

hp/hp-ux 10.01

... and 4 more

Published Nov 16, 1996

Tracked Since Feb 18, 2026