Executive Summary

Informations
Name	CVE-2003-0694	First vendor Publication	2003-10-06
Vendor	Cve	Last vendor Modification	2008-09-10

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Security Protection

Impacts

Provides administrator access : Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service.

Detail

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0694

OVAL Definitions

 

Definition Id: oval:org.mitre.oval:def:603
Oval ID:	oval:org.mitre.oval:def:603
Title:	Sendmail BO in prescan Function
Description:	The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2003-0694	Version:	4
Platform(s):	Red Hat Linux 9	Product(s):	Sendmail
Definition Synopsis:
Software section Red Hat 9 is installed AND ix86 architecture AND sendmail version is less than 8.12.8-9.90 AND Configuration section Vulnerable Config sendmail is Set-UID sendmail is Set-UID AND sendmail is Set-UID sendmail is Set-UID AND sendmail is Set-UID OR sendmail is Set-GID sendmail is Set-GID AND sendmail is Set-UID AND sendmail listening

 

Definition Id: oval:org.mitre.oval:def:572
Oval ID:	oval:org.mitre.oval:def:572
Title:	Sendmail BO in Prescan Function
Description:	The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2003-0694	Version:	4
Platform(s):	Red Hat Linux 9	Product(s):	Sendmail
Definition Synopsis:
Software section Red Hat 9 is installed AND ix86 architecture AND sendmail version is less than 8.12.8-5.90 AND Configuration section Vulnerable Config sendmail is Set-UID sendmail is Set-UID AND sendmail is Set-UID sendmail is Set-UID AND sendmail is Set-UID OR sendmail is Set-GID sendmail is Set-GID AND sendmail is Set-UID AND sendmail listening

 

Definition Id: oval:org.mitre.oval:def:2975
Oval ID:	oval:org.mitre.oval:def:2975
Title:	Sendmail prescan function Buffer Overflow
Description:	The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2003-0694	Version:	1
Platform(s):	Sun Solaris 7	Product(s):	Sendmail
Definition Synopsis:
Solaris 7,8,or 9 installed Solaris 8 Installed AND Solaris 7 Installed AND Solaris 9 Installed AND Sendmail - user (SUNWsndmu) installed AND NOT Patch 107684-10 or later installed AND NOT Patch 110615-10 or later installed AND NOT Patch 113575-05 or later installed

CPE : Common Platform Enumeration

Type	Description	Count
Application	Sendmail Advanced Message Server cpe:/a:sendmail:advanced_message_server:1.3 cpe:/a:sendmail:advanced_message_server:1.2	2
Application	Sendmail Sendmail cpe:/a:sendmail:sendmail:8.9.3 cpe:/a:sendmail:sendmail:8.9.2 cpe:/a:sendmail:sendmail:8.9.1 cpe:/a:sendmail:sendmail:8.9.0 cpe:/a:sendmail:sendmail:8.8.8 cpe:/a:sendmail:sendmail:8.12.9 cpe:/a:sendmail:sendmail:8.12.8 cpe:/a:sendmail:sendmail:8.12.7 cpe:/a:sendmail:sendmail:8.12.6 cpe:/a:sendmail:sendmail:8.12.5 cpe:/a:sendmail:sendmail:8.12.4 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail:8.12.2 cpe:/a:sendmail:sendmail:8.12.1 cpe:/a:sendmail:sendmail:8.12.0 cpe:/a:sendmail:sendmail:8.12:beta16 cpe:/a:sendmail:sendmail:8.12:beta5 cpe:/a:sendmail:sendmail:8.12:beta10 cpe:/a:sendmail:sendmail:8.12:beta12 cpe:/a:sendmail:sendmail:8.12:beta7 cpe:/a:sendmail:sendmail:8.11.6 cpe:/a:sendmail:sendmail:8.11.5 cpe:/a:sendmail:sendmail:8.11.4 cpe:/a:sendmail:sendmail:8.11.3 cpe:/a:sendmail:sendmail:8.11.2 cpe:/a:sendmail:sendmail:8.11.1 cpe:/a:sendmail:sendmail:8.11.0 cpe:/a:sendmail:sendmail:8.10.2 cpe:/a:sendmail:sendmail:8.10.1 cpe:/a:sendmail:sendmail:8.10 cpe:/a:sendmail:sendmail:3.0.3 cpe:/a:sendmail:sendmail:3.0.2 cpe:/a:sendmail:sendmail:3.0.1 cpe:/a:sendmail:sendmail:3.0 cpe:/a:sendmail:sendmail:2.6.2 cpe:/a:sendmail:sendmail:2.6.1 cpe:/a:sendmail:sendmail:2.6	37
Application	Sendmail Sendmail Pro cpe:/a:sendmail:sendmail_pro:8.9.3 cpe:/a:sendmail:sendmail_pro:8.9.2	2
Application	Sendmail Sendmail Switch cpe:/a:sendmail:sendmail_switch:3.0.3 cpe:/a:sendmail:sendmail_switch:3.0.2 cpe:/a:sendmail:sendmail_switch:3.0.1 cpe:/a:sendmail:sendmail_switch:3.0 cpe:/a:sendmail:sendmail_switch:2.2.5 cpe:/a:sendmail:sendmail_switch:2.2.4 cpe:/a:sendmail:sendmail_switch:2.2.3 cpe:/a:sendmail:sendmail_switch:2.2.2 cpe:/a:sendmail:sendmail_switch:2.2.1 cpe:/a:sendmail:sendmail_switch:2.2 cpe:/a:sendmail:sendmail_switch:2.1.5 cpe:/a:sendmail:sendmail_switch:2.1.4 cpe:/a:sendmail:sendmail_switch:2.1.3 cpe:/a:sendmail:sendmail_switch:2.1.2 cpe:/a:sendmail:sendmail_switch:2.1.1 cpe:/a:sendmail:sendmail_switch:2.1	16
Os	Apple Mac Os X cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2	7
Os	Apple Mac Os X Server cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2	7
Os	Compaq tru64 cpe:/o:compaq:tru64:5.1b_pk2_bl22 cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/o:compaq:tru64:5.1b cpe:/o:compaq:tru64:5.1a_pk5_bl23 cpe:/o:compaq:tru64:5.1a_pk4_bl21 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:4.0g_pk4_bl22 cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:4.0f_pk8_bl22 cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:4.0f	21
Os	Freebsd Freebsd cpe:/o:freebsd:freebsd:5.1:releng cpe:/o:freebsd:freebsd:5.1:release_p5 cpe:/o:freebsd:freebsd:5.0:release_p14 cpe:/o:freebsd:freebsd:5.0:releng cpe:/o:freebsd:freebsd:4.9:pre-release cpe:/o:freebsd:freebsd:4.8:release_p6 cpe:/o:freebsd:freebsd:4.8:releng cpe:/o:freebsd:freebsd:4.7:releng cpe:/o:freebsd:freebsd:4.7:release_p17 cpe:/o:freebsd:freebsd:4.6:release_p20 cpe:/o:freebsd:freebsd:4.6:releng cpe:/o:freebsd:freebsd:4.5:release_p32 cpe:/o:freebsd:freebsd:4.5:releng cpe:/o:freebsd:freebsd:4.4:releng cpe:/o:freebsd:freebsd:4.4:release_p42 cpe:/o:freebsd:freebsd:4.3:release_p38 cpe:/o:freebsd:freebsd:4.3:releng cpe:/o:freebsd:freebsd:4.0:releng cpe:/o:freebsd:freebsd:3.0:releng	19
Os	Gentoo Linux cpe:/o:gentoo:linux:1.4:rc3 cpe:/o:gentoo:linux:1.4:rc2 cpe:/o:gentoo:linux:1.4:rc1 cpe:/o:gentoo:linux:1.2 cpe:/o:gentoo:linux:1.1a cpe:/o:gentoo:linux:0.7 cpe:/o:gentoo:linux:0.5	7
Os	Hp Hp-Ux cpe:/o:hp:hp-ux:11.22 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.0.4	4
Os	Ibm Aix cpe:/o:ibm:aix:5.2 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:4.3.3	3
Os	Netbsd Netbsd cpe:/o:netbsd:netbsd:1.6.1 cpe:/o:netbsd:netbsd:1.6:beta cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5::x86 cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5::sh3 cpe:/o:netbsd:netbsd:1.4.3	10
Os	Sgi Irix cpe:/o:sgi:irix:6.5.21m cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.15	12
Os	Sun Solaris cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:2.6	8
Os	Turbolinux Turbolinux Advanced Server cpe:/o:turbolinux:turbolinux_advanced_server:6.0	1
Os	Turbolinux Turbolinux Server cpe:/o:turbolinux:turbolinux_server:8.0 cpe:/o:turbolinux:turbolinux_server:7.0 cpe:/o:turbolinux:turbolinux_server:6.5 cpe:/o:turbolinux:turbolinux_server:6.1	4
Os	Turbolinux Turbolinux Workstation cpe:/o:turbolinux:turbolinux_workstation:8.0 cpe:/o:turbolinux:turbolinux_workstation:7.0 cpe:/o:turbolinux:turbolinux_workstation:6.0	3

Open Source Vulnerability Database (OSVDB)

id	Description
2577	Sendmail prescan() Function Remote Overflow

Metasploit Database

id	Description
2003-09-17	Sendmail SMTP Address prescan <= 8.12.8 Memory Corruption

Internal Sources (Detail)

Source	Url
BUGTRAQ	http://marc.theaimsgroup.com/?l=bugtraq&m=106381604923204&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106382859407683&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106383437615742&w=2 http://marc.theaimsgroup.com/?l=bugtraq&m=106398718909274&w=2
CERT	http://www.cert.org/advisories/CA-2003-25.html
CERT-VN	http://www.kb.cert.org/vuls/id/784980
CONECTIVA	http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742
CONFIRM	http://www.sendmail.org/8.12.10.html
DEBIAN	http://www.debian.org/security/2003/dsa-384
FULLDISC	http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html
MANDRAKE	http://www.mandriva.com/security/advisories?name=MDKSA-2003:092
REDHAT	http://www.redhat.com/support/errata/RHSA-2003-283.html http://www.redhat.com/support/errata/RHSA-2003-284.html
SCO	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt
VULNWATCH	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html

Alert History

Date	Informations
2013-05-11 11:52:32	Multiple Updates