Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0694

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0694
Last Modified 10 Sep 2008 03:20:10
Published 06 Oct 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0694

Summary

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.2

  • Apple Mac Os X 10.2.1

  • Apple Mac Os X 10.2.2

  • Apple Mac Os X 10.2.3

  • Apple Mac Os X 10.2.4

  • Apple Mac Os X 10.2.5

  • Apple Mac Os X 10.2.6

  • Apple Mac Os X Server 10.2

  • Apple Mac Os X Server 10.2.1

  • Apple Mac Os X Server 10.2.2

  • Apple Mac Os X Server 10.2.3

  • Apple Mac Os X Server 10.2.4

  • Apple Mac Os X Server 10.2.5

  • Apple Mac Os X Server 10.2.6

  • Compaq Tru64 4.0f

  • Compaq Tru64 4.0f Pk6 Bl17

  • Compaq Tru64 4.0f Pk7 Bl18

  • Compaq Tru64 4.0f Pk8 Bl22

  • Compaq Tru64 4.0g

  • Compaq Tru64 4.0g Pk3 Bl17

  • Compaq Tru64 4.0g Pk4 Bl22

  • Compaq Tru64 5.1

  • Compaq Tru64 5.1 Pk3 Bl17

  • Compaq Tru64 5.1 Pk4 Bl18

  • Compaq Tru64 5.1 Pk5 Bl19

  • Compaq Tru64 5.1 Pk6 Bl20

  • Compaq Tru64 5.1a

  • Compaq Tru64 5.1a Pk1 Bl1

  • Compaq Tru64 5.1a Pk2 Bl2

  • Compaq Tru64 5.1a Pk3 Bl3

  • Compaq Tru64 5.1a Pk4 Bl21

  • Compaq Tru64 5.1a Pk5 Bl23

  • Compaq Tru64 5.1b

  • Compaq Tru64 5.1b Pk1 Bl1

  • Compaq Tru64 5.1b Pk2 Bl22

  • Freebsd 3.0

  • Freebsd 4.0

  • Freebsd 4.3

  • Freebsd 4.4

  • Freebsd 4.5

  • Freebsd 4.6

  • Freebsd 4.7

  • Freebsd 4.8

  • Freebsd 4.9

  • Freebsd 5.0

  • Freebsd 5.1

  • Gentoo Linux 0.5

  • Gentoo Linux 0.7

  • Gentoo Linux 1.1a

  • Gentoo Linux 1.2

  • Gentoo Linux 1.4

  • Hp-ux 11.0.4

  • Hp-ux 11.00

  • Hp-ux 11.11

  • Hp-ux 11.22

  • Ibm Aix 4.3.3

  • Ibm Aix 5.1

  • Ibm Aix 5.2

  • Netbsd 1.4.3

  • Netbsd 1.5

  • Netbsd 1.5.1

  • Netbsd 1.5.2

  • Netbsd 1.5.3

  • Netbsd 1.6

  • Netbsd 1.6.1

  • Sgi Irix 6.5.15

  • Sgi Irix 6.5.16

  • Sgi Irix 6.5.17f

  • Sgi Irix 6.5.17m

  • Sgi Irix 6.5.18f

  • Sgi Irix 6.5.18m

  • Sgi Irix 6.5.19f

  • Sgi Irix 6.5.19m

  • Sgi Irix 6.5.20f

  • Sgi Irix 6.5.20m

  • Sgi Irix 6.5.21f

  • Sgi Irix 6.5.21m

  • Sun Solaris 2.6

  • Sun Solaris 7.0

  • Sun Solaris 8.0

  • Sun Solaris 9.0

  • Turbolinux Advanced Server 6.0

  • Turbolinux Server 6.1

  • Turbolinux Server 6.5

  • Turbolinux Server 7.0

  • Turbolinux Server 8.0

  • Turbolinux Workstation 6.0

  • Turbolinux Workstation 7.0

  • Turbolinux Workstation 8.0

Application

  • Sendmail 2.6

  • Sendmail 2.6.1

  • Sendmail 2.6.2

  • Sendmail 3.0

  • Sendmail 3.0.1

  • Sendmail 3.0.2

  • Sendmail 3.0.3

  • Sendmail 8.10

  • Sendmail 8.10.1

  • Sendmail 8.10.2

  • Sendmail 8.11.0

  • Sendmail 8.11.1

  • Sendmail 8.11.2

  • Sendmail 8.11.3

  • Sendmail 8.11.4

  • Sendmail 8.11.5

  • Sendmail 8.11.6

  • Sendmail 8.12

  • Sendmail 8.12.0

  • Sendmail 8.12.1

  • Sendmail 8.12.2

  • Sendmail 8.12.3

  • Sendmail 8.12.4

  • Sendmail 8.12.5

  • Sendmail 8.12.6

  • Sendmail 8.12.7

  • Sendmail 8.12.8

  • Sendmail 8.12.9

  • Sendmail 8.8.8

  • Sendmail 8.9.0

  • Sendmail 8.9.1

  • Sendmail 8.9.2

  • Sendmail 8.9.3

  • Sendmail Advanced Message Server 1.2

  • Sendmail Advanced Message Server 1.3

  • Sendmail Pro 8.9.2

  • Sendmail Pro 8.9.3

  • Sendmail Switch 2.1

  • Sendmail Switch 2.1.1

  • Sendmail Switch 2.1.2

  • Sendmail Switch 2.1.3

  • Sendmail Switch 2.1.4

  • Sendmail Switch 2.1.5

  • Sendmail Switch 2.2

  • Sendmail Switch 2.2.1

  • Sendmail Switch 2.2.2

  • Sendmail Switch 2.2.3

  • Sendmail Switch 2.2.4

  • Sendmail Switch 2.2.5

  • Sendmail Switch 3.0

  • Sendmail Switch 3.0.1

  • Sendmail Switch 3.0.2

  • Sendmail Switch 3.0.3


References

CERT - CA-2003-25

CERT-VN - VU#784980

CONFIRM - http://www.sendmail.org/8.12.10.html

REDHAT - RHSA-2003:284

REDHAT - RHSA-2003:283

DEBIAN - DSA-384

BUGTRAQ - 20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)

BUGTRAQ - 20030917 GLSA: sendmail (200309-13)

BUGTRAQ - 20030917 [slackware-security] Sendmail vulnerabilities fixed (SSA:2003-260-02)

BUGTRAQ - 20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694]

CONECTIVA - CLA-2003:742

VULNWATCH - 20030917 Zalewski Advisory - Sendmail 8.12.9 prescan bug

SCO - SCOSA-2004.11

MANDRAKE - MDKSA-2003:092


Last Updated: 27 May 2016 10:38:00