Executive Summary
Summary | |
---|---|
Title | New sendmail packages fix buffer overflows |
Informations | |||
---|---|---|---|
Name | DSA-384 | First vendor Publication | 2003-09-17 |
Vendor | Debian | Last vendor Modification | 2003-09-17 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Two vulnerabilities were reported in sendmail. - CAN-2003-0681 A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. - CAN-2003-0694 The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. For the stable distribution (woody) these problems have been fixed in sendmail version 8.12.3-6.6 and sendmail-wide version 8.12.3+3.5Wbeta-5.5. For the unstable distribution (sid) these problems have been fixed in sendmail version 8.12.10-1. We recommend that you update your sendmail package. |
Original Source
Url : http://www.debian.org/security/2003/dsa-384 |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:2975 | |||
Oval ID: | oval:org.mitre.oval:def:2975 | ||
Title: | Sendmail prescan function Buffer Overflow | ||
Description: | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0694 | Version: | 1 |
Platform(s): | Sun Solaris 7 | Product(s): | Sendmail |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:3606 | |||
Oval ID: | oval:org.mitre.oval:def:3606 | ||
Title: | Sendmail Ruleset Parsing Buffer Overflow | ||
Description: | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0681 | Version: | 1 |
Platform(s): | Sun Solaris 7 Sun Solaris 8 Sun Solaris 9 | Product(s): | Sendmail |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:572 | |||
Oval ID: | oval:org.mitre.oval:def:572 | ||
Title: | Sendmail BO in Prescan Function | ||
Description: | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0694 | Version: | 4 |
Platform(s): | Red Hat Linux 9 | Product(s): | Sendmail |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:595 | |||
Oval ID: | oval:org.mitre.oval:def:595 | ||
Title: | Potential BO in Ruleset Parsing for Sendmail | ||
Description: | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0681 | Version: | 4 |
Platform(s): | Red Hat Linux 9 | Product(s): | Sendmail |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:603 | |||
Oval ID: | oval:org.mitre.oval:def:603 | ||
Title: | Sendmail BO in prescan Function | ||
Description: | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2003-0694 | Version: | 4 |
Platform(s): | Red Hat Linux 9 | Product(s): | Sendmail |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-05-05 | Name : HP-UX Update for sendmail HPSBUX00281 File : nvt/gb_hp_ux_HPSBUX00281.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 384-1 (sendmail) File : nvt/deb_384_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
2577 | Sendmail prescan() Function Remote Overflow A remote overflow exists in Sendmail. The "prescan()" function fails to perform proper bounds checking resulting in a buffer overflow. By using an email message with a specially crafted address, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | RCPT TO overflow RuleID : 654-community - Revision : 28 - Type : SERVER-MAIL |
2014-01-10 | RCPT TO overflow RuleID : 654 - Revision : 28 - Type : SERVER-MAIL |
2014-01-10 | Sendmail RCPT TO prescan too long addresses overflow RuleID : 2270-community - Revision : 18 - Type : SERVER-MAIL |
2014-01-10 | Sendmail RCPT TO prescan too long addresses overflow RuleID : 2270 - Revision : 18 - Type : SERVER-MAIL |
2014-01-10 | RCPT TO overflow RuleID : 18574 - Revision : 6 - Type : SERVER-MAIL |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2007-09-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_35483.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_35484.nasl - Type : ACT_GATHER_INFO |
2007-09-25 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_35485.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_29912.nasl - Type : ACT_GATHER_INFO |
2005-02-16 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHNE_30224.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-384.nasl - Type : ACT_GATHER_INFO |
2004-09-01 | Name : The remote host is missing a vendor-supplied security patch File : aix_IY48657.nasl - Type : ACT_GATHER_INFO |
2004-09-01 | Name : The remote host is missing a vendor-supplied security patch File : aix_IY48658.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2003-092.nasl - Type : ACT_GATHER_INFO |
2004-07-25 | Name : The remote host is missing a vendor-supplied security patch File : suse_SA_2003_040.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2003-284.nasl - Type : ACT_GATHER_INFO |
2003-09-17 | Name : The remote mail server is prone to multiple buffer overflow attacks. File : sendmail_prescan_overflow.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:32:54 |
|