CVE-2003-0161 : Detail

CVE-2003-0161

67.9%V4
Network
2003-04-01
10h00 +00:00
2024-08-08
01h43 +00:00
CVE.org
NVD
Meldingen voor een CVE
Blijf op de hoogte van wijzigingen voor een specifieke CVE.
Meldingen beheren

CVE-beschrijvingen

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

CVE-informatie

Metriek

Metriek Score Ernst CVSS Vector Source
V2 10 AV:N/AC:L/Au:N/C:C/I:C/A:C nvd@nist.gov

EPSS

EPSS is een scoremodel dat de kans voorspelt dat een kwetsbaarheid wordt uitgebuit.

EPSS-score

Het EPSS-model produceert een kans score tussen 0 en 1 (0 en 100%). Hoe hoger de score, hoe groter de kans dat een kwetsbaarheid wordt uitgebuit.

EPSS-percentiel

Het percentiel wordt gebruikt om CVE's te rangschikken op basis van hun EPSS-score. Een CVE in het 95e percentiel heeft bijvoorbeeld een grotere kans om te worden uitgebuit dan 95% van de andere CVE's. Het percentiel wordt dus gebruikt om de EPSS-score van een CVE te vergelijken met die van andere CVE's.
EPSS First.org

Exploit-informatie

Exploit Database EDB-ID : 24

Publicatiedatum : 2003-04-29 22h00 +00:00
Auteur : bysin
EDB geverifieerd : Yes

Exploit Database EDB-ID : 22442

Publicatiedatum : 2003-03-28 23h00 +00:00
Auteur : sorbo
EDB geverifieerd : Yes

Products Mentioned

Configuraton 0

Sendmail>>Sendmail >> Version 2.6

Sendmail>>Sendmail >> Version 2.6.1

Sendmail>>Sendmail >> Version 2.6.2

Sendmail>>Sendmail >> Version 3.0

Sendmail>>Sendmail >> Version 3.0.1

Sendmail>>Sendmail >> Version 3.0.2

Sendmail>>Sendmail >> Version 3.0.3

Sendmail>>Sendmail >> Version 8.9.0

Sendmail>>Sendmail >> Version 8.9.1

Sendmail>>Sendmail >> Version 8.9.2

Sendmail>>Sendmail >> Version 8.9.3

Sendmail>>Sendmail >> Version 8.10

Sendmail>>Sendmail >> Version 8.10.1

Sendmail>>Sendmail >> Version 8.10.2

Sendmail>>Sendmail >> Version 8.11.0

Sendmail>>Sendmail >> Version 8.11.1

Sendmail>>Sendmail >> Version 8.11.2

Sendmail>>Sendmail >> Version 8.11.3

Sendmail>>Sendmail >> Version 8.11.4

Sendmail>>Sendmail >> Version 8.11.5

Sendmail>>Sendmail >> Version 8.11.6

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12.0

Sendmail>>Sendmail >> Version 8.12.1

Sendmail>>Sendmail >> Version 8.12.2

Sendmail>>Sendmail >> Version 8.12.3

Sendmail>>Sendmail >> Version 8.12.4

Sendmail>>Sendmail >> Version 8.12.5

Sendmail>>Sendmail >> Version 8.12.6

Sendmail>>Sendmail >> Version 8.12.7

Sendmail>>Sendmail >> Version 8.12.8

Sendmail>>Sendmail_switch >> Version 2.1

Sendmail>>Sendmail_switch >> Version 2.1.1

Sendmail>>Sendmail_switch >> Version 2.1.2

Sendmail>>Sendmail_switch >> Version 2.1.3

Sendmail>>Sendmail_switch >> Version 2.1.4

Sendmail>>Sendmail_switch >> Version 2.1.5

Sendmail>>Sendmail_switch >> Version 2.2

Sendmail>>Sendmail_switch >> Version 2.2.1

Sendmail>>Sendmail_switch >> Version 2.2.2

Sendmail>>Sendmail_switch >> Version 2.2.3

Sendmail>>Sendmail_switch >> Version 2.2.4

Sendmail>>Sendmail_switch >> Version 2.2.5

Sendmail>>Sendmail_switch >> Version 3.0

Sendmail>>Sendmail_switch >> Version 3.0.1

Sendmail>>Sendmail_switch >> Version 3.0.2

Sendmail>>Sendmail_switch >> Version 3.0.3

Configuraton 0

Compaq>>Tru64 >> Version 4.0b

Compaq>>Tru64 >> Version 4.0d

Compaq>>Tru64 >> Version 4.0d_pk9_bl17

Compaq>>Tru64 >> Version 4.0f

Compaq>>Tru64 >> Version 4.0f_pk6_bl17

Compaq>>Tru64 >> Version 4.0f_pk7_bl18

Compaq>>Tru64 >> Version 4.0g

Compaq>>Tru64 >> Version 4.0g_pk3_bl17

Compaq>>Tru64 >> Version 5.0

Compaq>>Tru64 >> Version 5.0_pk4_bl17

Compaq>>Tru64 >> Version 5.0_pk4_bl18

Compaq>>Tru64 >> Version 5.0a

Compaq>>Tru64 >> Version 5.0a_pk3_bl17

Compaq>>Tru64 >> Version 5.0f

Compaq>>Tru64 >> Version 5.1

Compaq>>Tru64 >> Version 5.1_pk3_bl17

Compaq>>Tru64 >> Version 5.1_pk4_bl18

Compaq>>Tru64 >> Version 5.1_pk5_bl19

Compaq>>Tru64 >> Version 5.1_pk6_bl20

Compaq>>Tru64 >> Version 5.1a

Compaq>>Tru64 >> Version 5.1a_pk1_bl1

Compaq>>Tru64 >> Version 5.1a_pk2_bl2

Compaq>>Tru64 >> Version 5.1a_pk3_bl3

Compaq>>Tru64 >> Version 5.1b

Compaq>>Tru64 >> Version 5.1b_pk1_bl1

Hp>>Hp-ux >> Version 10.00

Hp>>Hp-ux >> Version 10.01

Hp>>Hp-ux >> Version 10.08

Hp>>Hp-ux >> Version 10.09

Hp>>Hp-ux >> Version 10.10

Hp>>Hp-ux >> Version 10.16

Hp>>Hp-ux >> Version 10.20

Hp>>Hp-ux >> Version 10.24

Hp>>Hp-ux >> Version 10.26

Hp>>Hp-ux >> Version 10.30

Hp>>Hp-ux >> Version 10.34

Hp>>Hp-ux >> Version 11.00

Hp>>Hp-ux >> Version 11.0.4

Hp>>Hp-ux >> Version 11.11

Hp>>Hp-ux >> Version 11.20

Hp>>Hp-ux >> Version 11.22

Hp>>Hp-ux_series_700 >> Version 10.20

Hp>>Hp-ux_series_800 >> Version 10.20

Hp>>Sis >> Version *

Sun>>Solaris >> Version 2.4

Sun>>Solaris >> Version 2.5

Sun>>Solaris >> Version 2.5.1

Sun>>Solaris >> Version 2.5.1

Sun>>Solaris >> Version 2.6

Sun>>Solaris >> Version 7.0

Sun>>Solaris >> Version 8.0

Sun>>Solaris >> Version 9.0

Sun>>Solaris >> Version 9.0

Sun>>Solaris >> Version 9.0

Sun>>Sunos >> Version -

Sun>>Sunos >> Version 5.4

Sun>>Sunos >> Version 5.5

Sun>>Sunos >> Version 5.5.1

Sun>>Sunos >> Version 5.7

Sun>>Sunos >> Version 5.8

Referenties

http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.securityfocus.com/bid/7230
Tags : vdb-entry, x_refsource_BID
http://marc.info/?l=bugtraq&m=104914999806315&w=2
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.redhat.com/support/errata/RHSA-2003-120.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.debian.org/security/2003/dsa-278
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.debian.org/security/2003/dsa-290
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.securityfocus.com/archive/1/317135/30/25220/threaded
Tags : vendor-advisory, x_refsource_IMMUNIX
http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.cert.org/advisories/CA-2003-12.html
Tags : third-party-advisory, x_refsource_CERT
http://www.redhat.com/support/errata/RHSA-2003-121.html
Tags : vendor-advisory, x_refsource_REDHAT
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614
Tags : vendor-advisory, x_refsource_CONECTIVA
http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://marc.info/?l=bugtraq&m=104897487512238&w=2
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/321997
Tags : mailing-list, x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=104896621106790&w=2
Tags : mailing-list, x_refsource_BUGTRAQ
http://www.kb.cert.org/vuls/id/897604
Tags : third-party-advisory, x_refsource_CERT-VN
De informatie die op CVE Find wordt gepresenteerd, is afkomstig van verschillende zorgvuldig geselecteerde referentiebronnen. CVE-gegevens worden geleverd door MITRE Corporation en de National Vulnerability Database (NVD). De Known Exploited Vulnerabilities (KEV)-catalogus is afkomstig van de Cybersecurity and Infrastructure Security Agency (CISA), terwijl EPSS-scores afkomstig zijn van FIRST.org. Daarnaast worden gegevens over softwarezwakheden (CWE) en veelvoorkomende aanvalspatronen (CAPEC) bijgehouden door MITRE Corporation, en informatie over hardware- en softwareconfiguraties (CPE) wordt geleverd door de NVD.