Lucene search
RedHatRHSA-2003:121HistoryMar 31, 2003 - 12:00 a.m.
(RHSA-2003:121) sendmail security update
2003-03-3100:00:00
access.redhat.com
21
0.172 Low
EPSS
Percentile
96.1%
Sendmail is a widely used Mail Transport Agent (MTA) which is included
in all Red Hat Enterprise Linux distributions.
There is a vulnerability in Sendmail versions 8.12.8 and prior. The
address parser performs insufficient bounds checking in certain conditions
due to a char to int conversion, making it possible for an attacker to
take control of the application. Although no exploit currently exists,
this issue is probably locally exploitable and may be remotely exploitable.
All users are advised to update to these erratum packages containing a
backported patch which corrects these vulnerabilities.
Red Hat would like to thank Michal Zalewski for finding and reporting this
issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | i386 | sendmail-cf | < 8.11.6-26.72 | sendmail-cf-8.11.6-26.72.i386.rpm |
| RedHat | any | ia64 | sendmail | < 8.11.6-26.72 | sendmail-8.11.6-26.72.ia64.rpm |
| RedHat | any | ia64 | sendmail-devel | < 8.11.6-26.72 | sendmail-devel-8.11.6-26.72.ia64.rpm |
| RedHat | any | i386 | sendmail | < 8.11.6-26.72 | sendmail-8.11.6-26.72.i386.rpm |
| RedHat | any | ia64 | sendmail-cf | < 8.11.6-26.72 | sendmail-cf-8.11.6-26.72.ia64.rpm |
| RedHat | any | ia64 | sendmail-doc | < 8.11.6-26.72 | sendmail-doc-8.11.6-26.72.ia64.rpm |
| RedHat | any | i386 | sendmail-devel | < 8.11.6-26.72 | sendmail-devel-8.11.6-26.72.i386.rpm |
| RedHat | any | i386 | sendmail-doc | < 8.11.6-26.72 | sendmail-doc-8.11.6-26.72.i386.rpm |
Related
debian
debian
osv
osv
sendmail-wide - char-to-int conversion
2003-04-17 00:00:00
sendmail - char-to-int conversion
2003-04-04 00:00:00
nessus
nessus
Debian DSA-290-1 : sendmail-wide - char-to-int conversion
2004-09-29 00:00:00
Mandrake Linux Security Advisory : sendmail (MDKSA-2003:042-1)
2004-07-31 00:00:00
RHEL 2.1 : sendmail (RHSA-2003:121)
2004-07-06 00:00:00
securityvulns
securityvulns
CERT Advisory CA-2003-12 Buffer Overflow in Sendmail
2003-03-31 00:00:00
Sendmail: -1 gone wild
2003-03-31 00:00:00
openvas
openvas
Debian Security Advisory DSA 278-2 (sendmail)
2008-01-17 00:00:00
Debian Security Advisory DSA 278-2 (sendmail)
2008-01-17 00:00:00
Debian Security Advisory DSA 290-1 (sendmail-wide)
2008-01-17 00:00:00
suse
suse
local/remote privilege escalation in sendmail, sendmail-tls
2003-04-01 17:21:29
cert
cert
Sendmail address parsing buffer overflow
2003-03-29 00:00:00
nvd
nvd
CVE-2003-0161
2003-04-02 05:00:00
cve
cve
CVE-2003-0161
2003-04-02 05:00:00
cvelist
cvelist
CVE-2003-0161
2003-04-01 05:00:00
debiancve
debiancve
CVE-2003-0161
2003-04-02 05:00:00