Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-384
HistorySep 17, 2003 - 12:00 a.m.

sendmail - buffer overflows

2003-09-1700:00:00
Google
osv.dev
13

EPSS

0.052

Percentile

93.1%

JSON

Two vulnerabilities were reported in sendmail.

A “potential buffer overflow in ruleset parsing” for Sendmail
8.12.9, when using the nonstandard rulesets (1) recipient (2),
final, or (3) mailer-specific envelope recipients, has unknown
consequences.

The prescan function in Sendmail 8.12.9 allows remote attackers to
execute arbitrary code via buffer overflow attacks, as demonstrated
using the parseaddr function in parseaddr.c.

For the stable distribution (woody) these problems have been fixed in
sendmail version 8.12.3-6.6 and sendmail-wide version
8.12.3+3.5Wbeta-5.5.

For the unstable distribution (sid) these problems have been fixed in
sendmail version 8.12.10-1.

We recommend that you update your sendmail package.

Related

nessus 12
openvas 5
cert 1
debian 1
cve 2
cvelist 2
redhat 1
nvd 2
ubuntucve 2
exploitdb 1
metasploit 1
packetstorm 1
debiancve 2
suse 1
nessus
nessus
Debian DSA-384-1 : sendmail - buffer overflows
2004-09-29 00:00:00
HP-UX PHNE_29912 : HP-UX sendmail, Remote Unauthorized Privileged Access (HPSBUX00281 SSRT3631 rev.11)
2005-02-16 00:00:00
Sendmail < 8.12.10 prescan() Function Remote Overflow
2003-09-17 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-384)
2008-01-17 00:00:00
Debian Security Advisory DSA 384-1 (sendmail)
2008-01-17 00:00:00
HP-UX Update for sendmail HPSBUX00253
2009-05-05 00:00:00
cert
cert
Sendmail prescan() buffer overflow vulnerability
2003-09-17 00:00:00
debian
debian
[SECURITY] [DSA-384-1] New sendmail packages fix buffer overflows
2003-09-18 02:19:55
cve
cve
CVE-2003-0681
2003-10-06 04:00:00
CVE-2003-0694
2003-10-06 04:00:00
cvelist
cvelist
CVE-2003-0694
2003-09-18 04:00:00
CVE-2003-0681
2003-09-18 04:00:00
redhat
redhat
(RHSA-2003:284) sendmail security update
2003-09-17 00:00:00
nvd
nvd
CVE-2003-0694
2003-10-06 04:00:00
CVE-2003-0681
2003-10-06 04:00:00
ubuntucve
ubuntucve
CVE-2003-0694
2003-10-06 00:00:00
CVE-2003-0681
2003-10-06 00:00:00
exploitdb
exploitdb
Sendmail 8.12.9 - &#039;Prescan()&#039; Variant Remote Buffer Overrun
2003-09-17 00:00:00
metasploit
metasploit
Sendmail SMTP Address prescan Memory Corruption
2009-09-12 10:56:36
packetstorm
packetstorm
Sendmail SMTP Address prescan Memory Corruption
2024-08-31 00:00:00
debiancve
debiancve
CVE-2003-0694
2003-10-06 04:00:00
CVE-2003-0681
2003-10-06 04:00:00
suse
suse
local/remote privilege escalation in sendmail, sendmail-tls
2003-09-20 16:11:37

EPSS

0.052

Percentile

93.1%

JSON
Related for OSV:DSA-384
nessus12openvas5cert1debian1cve2cvelist2redhat1nvd2ubuntucve2exploitdb1metasploit1packetstorm1debiancve2suse1