CVE Vulnerabilities

CVE-2003-0161

Published: Apr 02, 2003 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special NOCHAR control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Affected Software

Name Vendor Start Version End Version
Sendmail_switch Sendmail 2.1.2 2.1.2
Sendmail_switch Sendmail 3.0.2 3.0.2
Sendmail_switch Sendmail 2.2.2 2.2.2
Sendmail Sendmail 2.6.2 2.6.2
Sendmail Sendmail 8.9.2 8.9.2
Sendmail_switch Sendmail 2.1.1 2.1.1
Sendmail Sendmail 8.11.4 8.11.4
Sendmail Sendmail 8.12 8.12
Sendmail Sendmail 2.6 2.6
Sendmail Sendmail 8.10.1 8.10.1
Sendmail Sendmail 8.12.8 8.12.8
Sendmail Sendmail 8.9.1 8.9.1
Sendmail_switch Sendmail 2.2 2.2
Sendmail_switch Sendmail 2.2.1 2.2.1
Sendmail Sendmail 8.11.1 8.11.1
Sendmail Sendmail 8.11.3 8.11.3
Sendmail Sendmail 8.12.3 8.12.3
Sendmail Sendmail 8.12.4 8.12.4
Sendmail_switch Sendmail 2.1.3 2.1.3
Sendmail Sendmail 2.6.1 2.6.1
Sendmail Sendmail 8.10.2 8.10.2
Sendmail Sendmail 8.11.0 8.11.0
Sendmail Sendmail 8.12.1 8.12.1
Sendmail Sendmail 8.12 8.12
Sendmail_switch Sendmail 2.1 2.1
Sendmail Sendmail 3.0.3 3.0.3
Sendmail Sendmail 8.9.0 8.9.0
Sendmail Sendmail 8.10 8.10
Sendmail Sendmail 8.11.6 8.11.6
Sendmail Sendmail 8.12.0 8.12.0
Sendmail Sendmail 8.12.7 8.12.7
Sendmail_switch Sendmail 3.0.3 3.0.3
Sendmail Sendmail 3.0 3.0
Sendmail Sendmail 3.0.1 3.0.1
Sendmail Sendmail 8.11.2 8.11.2
Sendmail Sendmail 8.12 8.12
Sendmail_switch Sendmail 2.2.4 2.2.4
Sendmail_switch Sendmail 2.2.5 2.2.5
Sendmail Sendmail 8.12.2 8.12.2
Sendmail Sendmail 8.12 8.12
Sendmail Sendmail 8.9.3 8.9.3
Sendmail_switch Sendmail 2.2.3 2.2.3
Sendmail Sendmail 3.0.2 3.0.2
Sendmail Sendmail 8.11.5 8.11.5
Sendmail Sendmail 8.12.5 8.12.5
Sendmail Sendmail 8.12.6 8.12.6
Sendmail Sendmail 8.12 8.12
Sendmail_switch Sendmail 2.1.4 2.1.4
Sendmail_switch Sendmail 2.1.5 2.1.5
Sendmail_switch Sendmail 3.0 3.0
Sendmail_switch Sendmail 3.0.1 3.0.1

References