Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
20 Nov 2024, 23:41
Type | Values Removed | Values Added |
---|---|---|
References | () ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc - Broken Link | |
References | () ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 - Broken Link | |
References | () ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 - Broken Link | |
References | () ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P - Broken Link | |
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 - Broken Link | |
References | () http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028 - Broken Link | |
References | () http://marc.info/?l=bugtraq&m=104673778105192&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104678739608479&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104678862109841&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104678862409849&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104679411316818&w=2 - Third Party Advisory | |
References | () http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only - Broken Link | |
References | () http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only - Broken Link | |
References | () http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only - Broken Link | |
References | () http://www.cert.org/advisories/CA-2003-07.html - Broken Link, Patch, Third Party Advisory, US Government Resource | |
References | () http://www.debian.org/security/2003/dsa-257 - Broken Link | |
References | () http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.iss.net/security_center/static/10748.php - Broken Link | |
References | () http://www.kb.cert.org/vuls/id/398025 - Third Party Advisory, US Government Resource | |
References | () http://www.redhat.com/support/errata/RHSA-2003-073.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2003-074.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2003-227.html - Broken Link | |
References | () http://www.securityfocus.com/bid/6991 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | () http://www.sendmail.org/8.12.8.html - Broken Link, Patch, Vendor Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222 - Broken Link |
09 Feb 2024, 03:19
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:* cpe:2.3:a:sgi:freeware:1.0:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:3.0:*:nt:*:*:*:*:* cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:* cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:* cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:3.0.1:*:nt:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:* cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:3.0.2:*:nt:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:* cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:* cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:2.6.1:*:nt:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:2.6:*:nt:*:*:*:*:* cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:* |
cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:* cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:* cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:* |
First Time |
Oracle solaris
Oracle |
|
CWE | CWE-120 | |
References | () ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc - Broken Link | |
References | () ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 - Broken Link | |
References | () ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 - Broken Link | |
References | () ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P - Broken Link | |
References | () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 - Broken Link | |
References | () http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028 - Broken Link | |
References | () http://marc.info/?l=bugtraq&m=104673778105192&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104678739608479&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104678862109841&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104678862409849&w=2 - Third Party Advisory | |
References | () http://marc.info/?l=bugtraq&m=104679411316818&w=2 - Third Party Advisory | |
References | () http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only - Broken Link | |
References | () http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only - Broken Link | |
References | () http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only - Broken Link | |
References | () http://www.cert.org/advisories/CA-2003-07.html - Broken Link, Patch, Third Party Advisory, US Government Resource | |
References | () http://www.debian.org/security/2003/dsa-257 - Broken Link | |
References | () http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 - Broken Link, Patch, Vendor Advisory | |
References | () http://www.iss.net/security_center/static/10748.php - Broken Link | |
References | () http://www.kb.cert.org/vuls/id/398025 - Third Party Advisory, US Government Resource | |
References | () http://www.redhat.com/support/errata/RHSA-2003-073.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2003-074.html - Broken Link | |
References | () http://www.redhat.com/support/errata/RHSA-2003-227.html - Broken Link | |
References | () http://www.securityfocus.com/bid/6991 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | () http://www.sendmail.org/8.12.8.html - Broken Link, Patch, Vendor Advisory | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222 - Broken Link |
Information
Published : 2003-03-07 05:00
Updated : 2024-11-20 23:41
NVD link : CVE-2002-1337
Mitre link : CVE-2002-1337
CVE.ORG link : CVE-2002-1337
JSON object : View
Products Affected
gentoo
- linux
windriver
- platform_sa
- bsdos
hp
- hp-ux
- alphaserver_sc
oracle
- solaris
netbsd
- netbsd
sun
- sunos
sendmail
- sendmail
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')