CVE-2003-0161: Buffer Overflow
First published: Tue Apr 01 2003(Updated: )
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sendmail | =2.1.2 | |
| Sendmail | =3.0.2 | |
| Sendmail | =2.2.2 | |
| Sendmail Sendmail | =2.6.2 | |
| Sendmail Sendmail | =8.9.2 | |
| Sendmail | =2.1.1 | |
| Sendmail Sendmail | =8.11.4 | |
| Sendmail Sendmail | =8.12-beta16 | |
| Sendmail Sendmail | =2.6 | |
| Sendmail Sendmail | =8.10.1 | |
| Sendmail Sendmail | =8.12.8 | |
| Sendmail Sendmail | =8.9.1 | |
| Sendmail | =2.2 | |
| Sendmail | =2.2.1 | |
| Sendmail Sendmail | =8.11.1 | |
| Sendmail Sendmail | =8.11.3 | |
| Sendmail Sendmail | =8.12.3 | |
| Sendmail Sendmail | =8.12.4 | |
| Sendmail | =2.1.3 | |
| Sendmail Sendmail | =2.6.1 | |
| Sendmail Sendmail | =8.10.2 | |
| Sendmail Sendmail | =8.11.0 | |
| Sendmail Sendmail | =8.12.1 | |
| Sendmail Sendmail | =8.12-beta12 | |
| Sendmail | =2.1 | |
| Sendmail Sendmail | =3.0.3 | |
| Sendmail Sendmail | =8.9.0 | |
| Sendmail Sendmail | =8.10 | |
| Sendmail Sendmail | =8.11.6 | |
| Sendmail Sendmail | =8.12.0 | |
| Sendmail Sendmail | =8.12.7 | |
| Sendmail | =3.0.3 | |
| Sendmail Sendmail | =3.0 | |
| Sendmail Sendmail | =3.0.1 | |
| Sendmail Sendmail | =8.11.2 | |
| Sendmail Sendmail | =8.12-beta5 | |
| Sendmail | =2.2.4 | |
| Sendmail | =2.2.5 | |
| Sendmail Sendmail | =8.12.2 | |
| Sendmail Sendmail | =8.12-beta10 | |
| Sendmail Sendmail | =8.9.3 | |
| Sendmail | =2.2.3 | |
| Sendmail Sendmail | =3.0.2 | |
| Sendmail Sendmail | =8.11.5 | |
| Sendmail Sendmail | =8.12.5 | |
| Sendmail Sendmail | =8.12.6 | |
| Sendmail Sendmail | =8.12-beta7 | |
| Sendmail | =2.1.4 | |
| Sendmail | =2.1.5 | |
| Sendmail | =3.0 | |
| Sendmail | =3.0.1 | |
| HP-UX | =10.20 | |
| HPE HP-UX | =10.30 | |
| HP Tru64 UNIX | =5.0a_pk3_bl17 | |
| HPE HP-UX | =11.11 | |
| HP Tru64 UNIX | =5.1_pk3_bl17 | |
| HPE HP-UX | =10.01 | |
| Oracle Solaris SPARC | =2.4 | |
| hp sis | ||
| HPE HP-UX | =10.00 | |
| HP Tru64 UNIX | =4.0g | |
| HP Tru64 UNIX | =4.0d | |
| HP Tru64 UNIX | =4.0d_pk9_bl17 | |
| HP Tru64 UNIX | =5.0_pk4_bl18 | |
| HPE HP-UX | =10.34 | |
| HP Tru64 UNIX | =4.0g_pk3_bl17 | |
| HP Tru64 UNIX | =5.0 | |
| HP Tru64 UNIX | =5.0_pk4_bl17 | |
| HP Tru64 UNIX | =5.1_pk4_bl18 | |
| HP Tru64 UNIX | =5.1b_pk1_bl1 | |
| HPE HP-UX | =10.26 | |
| Oracle Solaris SPARC | =2.5.1 | |
| Oracle Solaris SPARC | =2.5 | |
| Oracle Solaris SPARC | =2.5.1 | |
| HP Tru64 UNIX | =4.0f_pk6_bl17 | |
| Sun SunOS | =5.5 | |
| Sun SunOS | =5.7 | |
| Sun SunOS | =5.8 | |
| HP Tru64 UNIX | =4.0f_pk7_bl18 | |
| HP Tru64 UNIX | =5.0a | |
| HP Tru64 UNIX | =5.1_pk6_bl20 | |
| HP Tru64 UNIX | =5.1a | |
| HPE HP-UX | =10.08 | |
| HP Tru64 UNIX | =4.0b | |
| HP Tru64 UNIX | =5.1_pk5_bl19 | |
| HP-UX | =10.20 | |
| Oracle Solaris SPARC | =9.0 | |
| Oracle Solaris SPARC | =9.0-x86_update_2 | |
| HPE HP-UX | =11.0.4 | |
| Sun SunOS | =5.4 | |
| Oracle Solaris SPARC | =2.6 | |
| Sun SunOS | ||
| HP Tru64 UNIX | =5.1 | |
| HP Tru64 UNIX | =5.1a_pk3_bl3 | |
| HP Tru64 UNIX | =5.1b | |
| HPE HP-UX | =10.16 | |
| HPE HP-UX | =10.20 | |
| HPE HP-UX | =10.24 | |
| HPE HP-UX | =11.20 | |
| HPE HP-UX | =11.22 | |
| Sun SunOS | =5.5.1 | |
| Oracle Solaris SPARC | =8.0 | |
| Oracle Solaris SPARC | =9.0 | |
| HP Tru64 UNIX | =4.0f | |
| HP Tru64 UNIX | =5.0f | |
| HP Tru64 UNIX | =5.1a_pk1_bl1 | |
| HP Tru64 UNIX | =5.1a_pk2_bl2 | |
| HPE HP-UX | =10.09 | |
| HPE HP-UX | =10.10 | |
| HPE HP-UX | =11.00 | |
| Oracle Solaris SPARC | =7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cert.org/advisories/CA-2003-12.html
- http://www.securityfocus.com/bid/7230
- http://www.redhat.com/support/errata/RHSA-2003-120.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html
- http://www.kb.cert.org/vuls/id/897604
- http://www.redhat.com/support/errata/RHSA-2003-121.html
- http://www.debian.org/security/2003/dsa-278
- http://www.debian.org/security/2003/dsa-290
- http://lists.apple.com/mhonarc/security-announce/msg00028.html
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614
- http://www.securityfocus.com/archive/1/321997
- http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1
- http://marc.info/?l=bugtraq&m=104896621106790&w=2
- http://marc.info/?l=bugtraq&m=104914999806315&w=2
- http://marc.info/?l=bugtraq&m=104897487512238&w=2
- http://www.securityfocus.com/archive/1/317135/30/25220/threaded
- http://www.securityfocus.com/archive/1/316961/30/25250/threaded
Frequently Asked Questions
What is the severity of CVE-2003-0161?
The severity of CVE-2003-0161 is considered high, as it allows remote attackers to exploit the vulnerability and potentially execute arbitrary code.
How do I fix CVE-2003-0161?
To fix CVE-2003-0161, update Sendmail to version 8.12.9 or later, which addresses the vulnerability.
Which versions of Sendmail are affected by CVE-2003-0161?
CVE-2003-0161 affects multiple Sendmail versions, specifically those prior to 8.12.9.
Can CVE-2003-0161 be exploited by attackers?
Yes, CVE-2003-0161 can be exploited by attackers who send specially crafted email, leading to potential denial of service or code execution.
Is there a workaround for CVE-2003-0161?
A temporary workaround for CVE-2003-0161 includes disabling unused Sendmail features or implementing strict input validation.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/sendmail
- canonical/sendmail
- version/sendmail/2.1.2
- version/sendmail/3.0.2
- version/sendmail/2.2.2
- canonical/sendmail sendmail
- version/sendmail sendmail/2.6.2
- version/sendmail sendmail/8.9.2
- version/sendmail/2.1.1
- version/sendmail sendmail/8.11.4
- version/sendmail sendmail/8.12-beta16
- version/sendmail sendmail/2.6
- version/sendmail sendmail/8.10.1
- version/sendmail sendmail/8.12.8
- version/sendmail sendmail/8.9.1
- version/sendmail/2.2
- version/sendmail/2.2.1
- version/sendmail sendmail/8.11.1
- version/sendmail sendmail/8.11.3
- version/sendmail sendmail/8.12.3
- version/sendmail sendmail/8.12.4
- version/sendmail/2.1.3
- version/sendmail sendmail/2.6.1
- version/sendmail sendmail/8.10.2
- version/sendmail sendmail/8.11.0
- version/sendmail sendmail/8.12.1
- version/sendmail sendmail/8.12-beta12
- version/sendmail/2.1
- version/sendmail sendmail/3.0.3
- version/sendmail sendmail/8.9.0
- version/sendmail sendmail/8.10
- version/sendmail sendmail/8.11.6
- version/sendmail sendmail/8.12.0
- version/sendmail sendmail/8.12.7
- version/sendmail/3.0.3
- version/sendmail sendmail/3.0
- version/sendmail sendmail/3.0.1
- version/sendmail sendmail/8.11.2
- version/sendmail sendmail/8.12-beta5
- version/sendmail/2.2.4
- version/sendmail/2.2.5
- version/sendmail sendmail/8.12.2
- version/sendmail sendmail/8.12-beta10
- version/sendmail sendmail/8.9.3
- version/sendmail/2.2.3
- version/sendmail sendmail/3.0.2
- version/sendmail sendmail/8.11.5
- version/sendmail sendmail/8.12.5
- version/sendmail sendmail/8.12.6
- version/sendmail sendmail/8.12-beta7
- version/sendmail/2.1.4
- version/sendmail/2.1.5
- version/sendmail/3.0
- version/sendmail/3.0.1
- vendor/hp
- canonical/hp-ux
- version/hp-ux/10.20
- canonical/hpe hp-ux
- version/hpe hp-ux/10.30
- vendor/compaq
- canonical/hp tru64 unix
- version/hp tru64 unix/5.0a_pk3_bl17
- version/hpe hp-ux/11.11
- version/hp tru64 unix/5.1_pk3_bl17
- version/hpe hp-ux/10.01
- vendor/sun
- canonical/oracle solaris sparc
- version/oracle solaris sparc/2.4
- canonical/hp sis
- version/hpe hp-ux/10.00
- version/hp tru64 unix/4.0g
- version/hp tru64 unix/4.0d
- version/hp tru64 unix/4.0d_pk9_bl17
- version/hp tru64 unix/5.0_pk4_bl18
- version/hpe hp-ux/10.34
- version/hp tru64 unix/4.0g_pk3_bl17
- version/hp tru64 unix/5.0
- version/hp tru64 unix/5.0_pk4_bl17
- version/hp tru64 unix/5.1_pk4_bl18
- version/hp tru64 unix/5.1b_pk1_bl1
- version/hpe hp-ux/10.26
- version/oracle solaris sparc/2.5.1
- version/oracle solaris sparc/2.5
- version/hp tru64 unix/4.0f_pk6_bl17
- canonical/sun sunos
- version/sun sunos/5.5
- version/sun sunos/5.7
- version/sun sunos/5.8
- version/hp tru64 unix/4.0f_pk7_bl18
- version/hp tru64 unix/5.0a
- version/hp tru64 unix/5.1_pk6_bl20
- version/hp tru64 unix/5.1a
- version/hpe hp-ux/10.08
- version/hp tru64 unix/4.0b
- version/hp tru64 unix/5.1_pk5_bl19
- version/oracle solaris sparc/9.0
- version/oracle solaris sparc/9.0-x86_update_2
- version/hpe hp-ux/11.0.4
- version/sun sunos/5.4
- version/oracle solaris sparc/2.6
- version/hp tru64 unix/5.1
- version/hp tru64 unix/5.1a_pk3_bl3
- version/hp tru64 unix/5.1b
- version/hpe hp-ux/10.16
- version/hpe hp-ux/10.20
- version/hpe hp-ux/10.24
- version/hpe hp-ux/11.20
- version/hpe hp-ux/11.22
- version/sun sunos/5.5.1
- version/oracle solaris sparc/8.0
- version/hp tru64 unix/4.0f
- version/hp tru64 unix/5.0f
- version/hp tru64 unix/5.1a_pk1_bl1
- version/hp tru64 unix/5.1a_pk2_bl2
- version/hpe hp-ux/10.09
- version/hpe hp-ux/10.10
- version/hpe hp-ux/11.00
- version/oracle solaris sparc/7.0