This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Sendmail First view 2003-10-06
Product Sendmail Pro Last view 2003-10-06
Version Type
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:* 2
cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:* 2

Related : CVE

  Date Alert Description
10 2003-10-06 CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

7.5 2003-10-06 CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:595 Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606 Sendmail Ruleset Parsing Buffer Overflow
oval:org.mitre.oval:def:603 Sendmail BO in prescan Function
oval:org.mitre.oval:def:572 Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975 Sendmail prescan function Buffer Overflow

Open Source Vulnerability Database (OSVDB)

id Description
2577 Sendmail prescan() Function Remote Overflow

OpenVAS Exploits

id Description
2009-05-05 Name : HP-UX Update for sendmail HPSBUX00281
File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-01-17 Name : Debian Security Advisory DSA 384-1 (sendmail)
File : nvt/deb_384_1.nasl

Snort® IPS/IDS

Date Description
2014-01-10 RCPT TO overflow
RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10 RCPT TO overflow
RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10 Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10 Sendmail RCPT TO prescan too long addresses overflow
RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10 RCPT TO overflow
RuleID : 18574 - Type : SERVER-MAIL - Revision : 6

Nessus® Vulnerability Scanner

id Description
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35483.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35484.nasl - Type: ACT_GATHER_INFO
2007-09-25 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_35485.nasl - Type: ACT_GATHER_INFO
2005-02-16 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_29912.nasl - Type: ACT_GATHER_INFO
2005-02-16 Name: The remote HP-UX host is missing a security-related patch.
File: hpux_PHNE_30224.nasl - Type: ACT_GATHER_INFO
2004-09-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-384.nasl - Type: ACT_GATHER_INFO
2004-09-01 Name: The remote host is missing a vendor-supplied security patch
File: aix_IY48657.nasl - Type: ACT_GATHER_INFO
2004-09-01 Name: The remote host is missing a vendor-supplied security patch
File: aix_IY48658.nasl - Type: ACT_GATHER_INFO
2004-07-31 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2003-092.nasl - Type: ACT_GATHER_INFO
2004-07-25 Name: The remote host is missing a vendor-supplied security patch
File: suse_SA_2003_040.nasl - Type: ACT_GATHER_INFO
2004-07-06 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2003-284.nasl - Type: ACT_GATHER_INFO
2003-09-17 Name: The remote mail server is prone to multiple buffer overflow attacks.
File: sendmail_prescan_overflow.nasl - Type: ACT_GATHER_INFO