Vulnerability CVE-2003-0694


Published: 2003-10-06   Modified: 2012-02-12

Description:
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Type:

CWE-Other

Vendor: SUN
Product: Solaris 
Version:
9.0
8.0
7.0
2.6
See more versions on NVD
Product: Sunos 
Version: 5.8; 5.7;
Vendor: Sendmail
Product: Sendmail 
Version:
8.9.3
8.9.2
8.9.1
8.9.0
8.8.8
8.12.9
8.12.8
8.12.7
8.12.6
8.12.5
8.12.4
8.12.3
8.12.2
8.12.1
8.12.0
8.12
8.11.6
8.11.5
8.11.4
8.11.3
8.11.2
8.11.1
8.11.0
8.10.2
8.10.1
8.10
3.0.3
3.0.2
3.0.1
3.0
2.6.2
2.6.1
2.6
See more versions on NVD
Product: Sendmail pro 
Version: 8.9.3; 8.9.2;
Product: Sendmail switch 
Version:
3.0.3
3.0.2
3.0.1
3.0
See more versions on NVD
Vendor: Turbolinux
Product: Turbolinux workstation 
Version:
8.0
7.0
6.0
See more versions on NVD
Product: Turbolinux server 
Version:
8.0
7.0
6.5
6.1
See more versions on NVD
Product: Turbolinux advanced server 
Version: 6.0;
Vendor: SGI
Product: IRIX 
Version:
6.5.21m
6.5.21f
6.5.20m
6.5.20f
6.5.19m
6.5.19f
6.5.18m
6.5.18f
6.5.17m
6.5.17f
6.5.16
6.5.15
See more versions on NVD
Vendor: IBM
Product: AIX 
Version:
5.2
5.1
4.3.3
See more versions on NVD
Vendor: Compaq
Product: Tru64 
Version:
5.1_pk6_bl20
5.1_pk5_bl19
5.1_pk4_bl18
5.1_pk3_bl17
5.1b_pk2_bl22
5.1b_pk1_bl1
5.1b
5.1a_pk5_bl23
5.1a_pk4_bl21
5.1a_pk3_bl3
5.1a_pk2_bl2
5.1a_pk1_bl1
5.1a
5.1
4.0g_pk4_bl22
4.0g_pk3_bl17
4.0g
4.0f_pk8_bl22
4.0f_pk7_bl18
4.0f_pk6_bl17
4.0f
See more versions on NVD
Vendor: Freebsd
Product: Freebsd 
Version:
5.1
5.0
4.9
4.8
4.7
4.6
4.5
4.4
4.3
4.0
3.0
See more versions on NVD

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt
http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742
http://marc.info/?l=bugtraq&m=106381604923204&w=2
http://marc.info/?l=bugtraq&m=106382859407683&w=2
http://marc.info/?l=bugtraq&m=106383437615742&w=2
http://marc.info/?l=bugtraq&m=106398718909274&w=2
http://www.cert.org/advisories/CA-2003-25.html
http://www.debian.org/security/2003/dsa-384
http://www.kb.cert.org/vuls/id/784980
http://www.mandriva.com/security/advisories?name=MDKSA-2003:092
http://www.redhat.com/support/errata/RHSA-2003-283.html
http://www.redhat.com/support/errata/RHSA-2003-284.html
http://www.sendmail.org/8.12.10.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603

Related CVE
CVE-2017-1087
In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can read and modify the content of POSIX shared memory objects created by a process in another jail or th...
CVE-2019-5612
In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r351265, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, the kernel driver for /dev/midistat implements a read handler that...
CVE-2019-5611
In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEASE-p10, 11.3-STABLE before r350829, 11.3-RELEASE before 11.3-RELEASE-p3, and 11.2-RELEASE before 11.2-RELEASE-p14, a missing check in the function to arrange data in a chain of mbuf...
CVE-2019-5610
In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350638, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bsnmp library is not properly validating the submitted length f...
CVE-2019-5609
In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350619, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the bhyve e1000 device emulation used a guest-provided value to det...
CVE-2019-5608
In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before r350650, 11.3-RELEASE before 11.3-RELEASE-p2, and 11.2-RELEASE before 11.2-RELEASE-p13, the ICMPv6 input path incorrectly handles cases where an MLDv2 list...
CVE-2019-5607
In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r350223, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, rights transmitted over a domain socket did not properly release a ...
CVE-2019-5606
In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEASE-p8, 11.3-STABLE before r349806, 11.3-RELEASE before 11.3-RELEASE-p1, and 11.2-RELEASE before 11.2-RELEASE-p12, code which handles close of a descriptor created by posix_openpt fa...

Copyright 2019, cxsecurity.com

 

Back to Top