Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0161

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0161
Last Modified 25 May 2010 12:18:16
Published 02 Apr 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0161

Summary

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Vulnerable Systems

Operating System

  • Compaq Tru64 4.0b

  • Compaq Tru64 4.0d

  • Compaq Tru64 4.0d Pk9 Bl17

  • Compaq Tru64 4.0f

  • Compaq Tru64 4.0f Pk6 Bl17

  • Compaq Tru64 4.0f Pk7 Bl18

  • Compaq Tru64 4.0g

  • Compaq Tru64 4.0g Pk3 Bl17

  • Compaq Tru64 5.0

  • Compaq Tru64 5.0 Pk4 Bl17

  • Compaq Tru64 5.0 Pk4 Bl18

  • Compaq Tru64 5.0a

  • Compaq Tru64 5.0a Pk3 Bl17

  • Compaq Tru64 5.0f

  • Compaq Tru64 5.1

  • Compaq Tru64 5.1 Pk3 Bl17

  • Compaq Tru64 5.1 Pk4 Bl18

  • Compaq Tru64 5.1 Pk5 Bl19

  • Compaq Tru64 5.1 Pk6 Bl20

  • Compaq Tru64 5.1a

  • Compaq Tru64 5.1a Pk1 Bl1

  • Compaq Tru64 5.1a Pk2 Bl2

  • Compaq Tru64 5.1a Pk3 Bl3

  • Compaq Tru64 5.1b

  • Compaq Tru64 5.1b Pk1 Bl1

  • Hp Sis

  • Hp-ux 10.00

  • Hp-ux 10.01

  • Hp-ux 10.08

  • Hp-ux 10.09

  • Hp-ux 10.10

  • Hp-ux 10.16

  • Hp-ux 10.20

  • Hp-ux 10.24

  • Hp-ux 10.26

  • Hp-ux 10.30

  • Hp-ux 10.34

  • Hp-ux 11.0.4

  • Hp-ux 11.00

  • Hp-ux 11.11

  • Hp-ux 11.20

  • Hp-ux 11.22

  • Hp-ux Series 700 10.20

  • Hp-ux Series 800 10.20

  • Sun Solaris 2.4

  • Sun Solaris 2.5

  • Sun Solaris 2.5.1

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0

Application

  • Sendmail 2.6

  • Sendmail 2.6.1

  • Sendmail 2.6.2

  • Sendmail 3.0

  • Sendmail 3.0.1

  • Sendmail 3.0.2

  • Sendmail 3.0.3

  • Sendmail 8.10

  • Sendmail 8.10.1

  • Sendmail 8.10.2

  • Sendmail 8.11.0

  • Sendmail 8.11.1

  • Sendmail 8.11.2

  • Sendmail 8.11.3

  • Sendmail 8.11.4

  • Sendmail 8.11.5

  • Sendmail 8.11.6

  • Sendmail 8.12

  • Sendmail 8.12.0

  • Sendmail 8.12.1

  • Sendmail 8.12.2

  • Sendmail 8.12.3

  • Sendmail 8.12.4

  • Sendmail 8.12.5

  • Sendmail 8.12.6

  • Sendmail 8.12.7

  • Sendmail 8.12.8

  • Sendmail 8.9.0

  • Sendmail 8.9.1

  • Sendmail 8.9.2

  • Sendmail 8.9.3

  • Sendmail Switch 2.1

  • Sendmail Switch 2.1.1

  • Sendmail Switch 2.1.2

  • Sendmail Switch 2.1.3

  • Sendmail Switch 2.1.4

  • Sendmail Switch 2.1.5

  • Sendmail Switch 2.2

  • Sendmail Switch 2.2.1

  • Sendmail Switch 2.2.2

  • Sendmail Switch 2.2.3

  • Sendmail Switch 2.2.4

  • Sendmail Switch 2.2.5

  • Sendmail Switch 3.0

  • Sendmail Switch 3.0.1

  • Sendmail Switch 3.0.2

  • Sendmail Switch 3.0.3


References

CERT - CA-2003-12

CERT-VN - VU#897604

BID - 7230

REDHAT - RHSA-2003:120

IMMUNIX - IMNX-2003-7+-002-01

REDHAT - RHSA-2003:121

DEBIAN - DSA-290

DEBIAN - DSA-278

SUNALERT - 1001088

BUGTRAQ - 20030329 Sendmail: -1 gone wild

CONFIRM - http://lists.apple.com/mhonarc/security-announce/msg00028.html

SGI - 20030401-01-P

SCO - SCOSA-2004.11

FREEBSD - FreeBSD-SA-03:07

CALDERA - CSSA-2003-016.0

BUGTRAQ - 20030331 GLSA: sendmail (200303-27)

BUGTRAQ - 20030520 [Fwd: 127 Research and Development: 127 Day!]

GENTOO - GLSA-200303-27

SUNALERT - 52700

SUNALERT - 52620

BUGTRAQ - 20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)

BUGTRAQ - 20030329 sendmail 8.12.9 available

CONECTIVA - CLA-2003:614

BUGTRAQ - 20030401 Immunix Secured OS 7+ openssl update


Last Updated: 27 May 2016 10:55:10