Sendmail Sendmail Switch

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor	Sendmail	First view	2003-04-02
Product	Sendmail Switch	Last view	2003-10-06
Version		Type
Update
Edition
Language
Sofware Edition
Target Software
Target Hardware
Other

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name	Affected CVE
cpe:2.3:a:sendmail:sendmail_switch:2.1.3:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.1.4:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:3.0.1:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:3.0.2:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.1.1:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.1.2:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.2.4:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:3.0:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.1:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.2.2:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.2.3:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.2:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.2.1:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:3.0.3:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.2.5:::::::*	3
cpe:2.3:a:sendmail:sendmail_switch:2.1.5:::::::*	3

Related : CVE

	Date	Alert	Description
10	2003-10-06	CVE-2003-0694	The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
7.5	2003-10-06	CVE-2003-0681	A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
10	2003-04-02	CVE-2003-0161	The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

Oval Markup Language : Definitions

OvalID	Name
oval:org.mitre.oval:def:595	Potential BO in Ruleset Parsing for Sendmail
oval:org.mitre.oval:def:3606	Sendmail Ruleset Parsing Buffer Overflow
oval:org.mitre.oval:def:603	Sendmail BO in prescan Function
oval:org.mitre.oval:def:572	Sendmail BO in Prescan Function
oval:org.mitre.oval:def:2975	Sendmail prescan function Buffer Overflow

Open Source Vulnerability Database (OSVDB)

id	Description
8294	Sendmail NOCHAR Control Value prescan Overflow
2577	Sendmail prescan() Function Remote Overflow

OpenVAS Exploits

id	Description
2009-05-05	Name : HP-UX Update for sendmail HPSBUX00281 File : nvt/gb_hp_ux_HPSBUX00281.nasl
2008-01-17	Name : Debian Security Advisory DSA 278-1 (sendmail) File : nvt/deb_278_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 278-2 (sendmail) File : nvt/deb_278_2.nasl
2008-01-17	Name : Debian Security Advisory DSA 290-1 (sendmail-wide) File : nvt/deb_290_1.nasl
2008-01-17	Name : Debian Security Advisory DSA 384-1 (sendmail) File : nvt/deb_384_1.nasl

Snort® IPS/IDS

Date	Description
2014-01-10	RCPT TO overflow RuleID : 654-community - Type : SERVER-MAIL - Revision : 28
2014-01-10	RCPT TO overflow RuleID : 654 - Type : SERVER-MAIL - Revision : 28
2014-01-10	Sendmail RCPT TO prescan too long addresses overflow RuleID : 2270-community - Type : SERVER-MAIL - Revision : 18
2014-01-10	Sendmail RCPT TO prescan too long addresses overflow RuleID : 2270 - Type : SERVER-MAIL - Revision : 18
2014-01-10	Sendmail MAIL FROM prescan too long addresses overflow RuleID : 2268-community - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail MAIL FROM prescan too long addresses overflow RuleID : 2268 - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail SOML FROM prescan too long addresses overflow RuleID : 2266-community - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail SOML FROM prescan too long addresses overflow RuleID : 2266 - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail SAML FROM prescan too long addresses overflow RuleID : 2264-community - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail SAML FROM prescan too long addresses overflow RuleID : 2264 - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail SEND FROM prescan too long addresses overflow RuleID : 2262-community - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail SEND FROM prescan too long addresses overflow RuleID : 2262 - Type : SERVER-MAIL - Revision : 16
2014-01-10	VRFY overflow attempt RuleID : 2260-community - Type : SERVER-MAIL - Revision : 17
2014-01-10	VRFY overflow attempt RuleID : 2260 - Type : SERVER-MAIL - Revision : 17
2014-01-10	EXPN overflow attempt RuleID : 2259-community - Type : SERVER-MAIL - Revision : 17
2014-01-10	EXPN overflow attempt RuleID : 2259 - Type : SERVER-MAIL - Revision : 17
2014-01-10	Sendmail Content-Transfer-Encoding overflow attempt RuleID : 2183-community - Type : SERVER-MAIL - Revision : 16
2014-01-10	Sendmail Content-Transfer-Encoding overflow attempt RuleID : 2183 - Type : SERVER-MAIL - Revision : 16
2014-01-10	RCPT TO overflow RuleID : 18574 - Type : SERVER-MAIL - Revision : 6

Nessus® Vulnerability Scanner

id	Description
2007-09-25	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_35485.nasl - Type: ACT_GATHER_INFO
2007-09-25	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_35483.nasl - Type: ACT_GATHER_INFO
2007-09-25	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_35484.nasl - Type: ACT_GATHER_INFO
2005-02-16	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_28409.nasl - Type: ACT_GATHER_INFO
2005-02-16	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_29526.nasl - Type: ACT_GATHER_INFO
2005-02-16	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_29912.nasl - Type: ACT_GATHER_INFO
2005-02-16	Name: The remote HP-UX host is missing a security-related patch. File: hpux_PHNE_30224.nasl - Type: ACT_GATHER_INFO
2004-09-29	Name: The remote Debian host is missing a security-related update. File: debian_DSA-278.nasl - Type: ACT_GATHER_INFO
2004-09-29	Name: The remote Debian host is missing a security-related update. File: debian_DSA-290.nasl - Type: ACT_GATHER_INFO
2004-09-29	Name: The remote Debian host is missing a security-related update. File: debian_DSA-384.nasl - Type: ACT_GATHER_INFO
2004-09-01	Name: The remote host is missing a vendor-supplied security patch File: aix_IY48658.nasl - Type: ACT_GATHER_INFO
2004-09-01	Name: The remote host is missing a vendor-supplied security patch File: aix_IY48657.nasl - Type: ACT_GATHER_INFO
2004-07-31	Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2003-042.nasl - Type: ACT_GATHER_INFO
2004-07-31	Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2003-092.nasl - Type: ACT_GATHER_INFO
2004-07-25	Name: The remote host is missing a vendor-supplied security patch File: suse_SA_2003_040.nasl - Type: ACT_GATHER_INFO
2004-07-06	Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2003-121.nasl - Type: ACT_GATHER_INFO
2004-07-06	Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2003-284.nasl - Type: ACT_GATHER_INFO
2003-09-17	Name: The remote mail server is prone to multiple buffer overflow attacks. File: sendmail_prescan_overflow.nasl - Type: ACT_GATHER_INFO
2003-03-29	Name: Arbitrary code may be run on the remote server File: sendmail_conversion_overflow.nasl - Type: ACT_GATHER_INFO

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.4259s

Facebook rss twitter linkedin mail