Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2003-0161

Опубликовано: 02 апр. 2003
Источник: nvd
CVSS2: 10
EPSS Высокий

Описание

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*
cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*
cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.71952
Высокий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

redhat логотип

CVE-2003-0161

redhat
больше 22 лет назад

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

debian логотип

CVE-2003-0161

debian
больше 22 лет назад

The prescan() function in the address parser (parseaddr.c) in Sendmail ...

github логотип

GHSA-2259-4w76-9w2p

github
больше 3 лет назад

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

EPSS

Процентиль: 99%
0.71952
Высокий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other