ID CVE-2003-0161
Summary The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
References
Vulnerable Configurations
  • Sendmail Sendmail 2.6
    cpe:2.3:a:sendmail:sendmail:2.6
  • Sendmail Sendmail 2.6.1
    cpe:2.3:a:sendmail:sendmail:2.6.1
  • Sendmail Sendmail 2.6.2
    cpe:2.3:a:sendmail:sendmail:2.6.2
  • Sendmail Sendmail 3.0
    cpe:2.3:a:sendmail:sendmail:3.0
  • Sendmail Sendmail 3.0.1
    cpe:2.3:a:sendmail:sendmail:3.0.1
  • Sendmail Sendmail 3.0.2
    cpe:2.3:a:sendmail:sendmail:3.0.2
  • Sendmail Sendmail 3.0.3
    cpe:2.3:a:sendmail:sendmail:3.0.3
  • Sendmail Sendmail 8.9.0
    cpe:2.3:a:sendmail:sendmail:8.9.0
  • Sendmail Sendmail 8.9.1
    cpe:2.3:a:sendmail:sendmail:8.9.1
  • Sendmail Sendmail 8.9.2
    cpe:2.3:a:sendmail:sendmail:8.9.2
  • Sendmail Sendmail 8.9.3
    cpe:2.3:a:sendmail:sendmail:8.9.3
  • Sendmail Sendmail 8.10
    cpe:2.3:a:sendmail:sendmail:8.10
  • Sendmail Sendmail 8.10.1
    cpe:2.3:a:sendmail:sendmail:8.10.1
  • Sendmail Sendmail 8.10.2
    cpe:2.3:a:sendmail:sendmail:8.10.2
  • Sendmail Sendmail 8.11
    cpe:2.3:a:sendmail:sendmail:8.11.0
  • Sendmail Sendmail 8.11.1
    cpe:2.3:a:sendmail:sendmail:8.11.1
  • Sendmail Sendmail 8.11.2
    cpe:2.3:a:sendmail:sendmail:8.11.2
  • Sendmail Sendmail 8.11.3
    cpe:2.3:a:sendmail:sendmail:8.11.3
  • Sendmail Sendmail 8.11.4
    cpe:2.3:a:sendmail:sendmail:8.11.4
  • Sendmail Sendmail 8.11.5
    cpe:2.3:a:sendmail:sendmail:8.11.5
  • Sendmail Sendmail 8.11.6
    cpe:2.3:a:sendmail:sendmail:8.11.6
  • Sendmail Sendmail 8.12 Beta10
    cpe:2.3:a:sendmail:sendmail:8.12:beta10
  • Sendmail Sendmail 8.12 Beta12
    cpe:2.3:a:sendmail:sendmail:8.12:beta12
  • Sendmail Sendmail 8.12 Beta16
    cpe:2.3:a:sendmail:sendmail:8.12:beta16
  • Sendmail Sendmail 8.12 Beta5
    cpe:2.3:a:sendmail:sendmail:8.12:beta5
  • Sendmail Sendmail 8.12 beta7
    cpe:2.3:a:sendmail:sendmail:8.12:beta7
  • Sendmail Sendmail 8.12.0
    cpe:2.3:a:sendmail:sendmail:8.12.0
  • Sendmail Sendmail 8.12.1
    cpe:2.3:a:sendmail:sendmail:8.12.1
  • Sendmail Sendmail 8.12.2
    cpe:2.3:a:sendmail:sendmail:8.12.2
  • Sendmail Sendmail 8.12.3
    cpe:2.3:a:sendmail:sendmail:8.12.3
  • Sendmail Sendmail 8.12.4
    cpe:2.3:a:sendmail:sendmail:8.12.4
  • Sendmail Sendmail 8.12.5
    cpe:2.3:a:sendmail:sendmail:8.12.5
  • Sendmail Sendmail 8.12.6
    cpe:2.3:a:sendmail:sendmail:8.12.6
  • Sendmail Sendmail 8.12.7
    cpe:2.3:a:sendmail:sendmail:8.12.7
  • Sendmail Sendmail 8.12.8
    cpe:2.3:a:sendmail:sendmail:8.12.8
  • cpe:2.3:a:sendmail:sendmail_switch:2.1
    cpe:2.3:a:sendmail:sendmail_switch:2.1
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.1
    cpe:2.3:a:sendmail:sendmail_switch:2.1.1
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.2
    cpe:2.3:a:sendmail:sendmail_switch:2.1.2
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.3
    cpe:2.3:a:sendmail:sendmail_switch:2.1.3
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.4
    cpe:2.3:a:sendmail:sendmail_switch:2.1.4
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.5
    cpe:2.3:a:sendmail:sendmail_switch:2.1.5
  • cpe:2.3:a:sendmail:sendmail_switch:2.2
    cpe:2.3:a:sendmail:sendmail_switch:2.2
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.1
    cpe:2.3:a:sendmail:sendmail_switch:2.2.1
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.2
    cpe:2.3:a:sendmail:sendmail_switch:2.2.2
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.3
    cpe:2.3:a:sendmail:sendmail_switch:2.2.3
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.4
    cpe:2.3:a:sendmail:sendmail_switch:2.2.4
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.5
    cpe:2.3:a:sendmail:sendmail_switch:2.2.5
  • cpe:2.3:a:sendmail:sendmail_switch:3.0
    cpe:2.3:a:sendmail:sendmail_switch:3.0
  • cpe:2.3:a:sendmail:sendmail_switch:3.0.1
    cpe:2.3:a:sendmail:sendmail_switch:3.0.1
  • cpe:2.3:a:sendmail:sendmail_switch:3.0.2
    cpe:2.3:a:sendmail:sendmail_switch:3.0.2
  • cpe:2.3:a:sendmail:sendmail_switch:3.0.3
    cpe:2.3:a:sendmail:sendmail_switch:3.0.3
  • Compaq Tru64 4.0b
    cpe:2.3:o:compaq:tru64:4.0b
  • Compaq Tru64 4.0d
    cpe:2.3:o:compaq:tru64:4.0d
  • Compaq Tru64 4.0d PK9_BL17
    cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17
  • Compaq Tru64 4.0f
    cpe:2.3:o:compaq:tru64:4.0f
  • Compaq Tru64 4.0f PK6_BL17
    cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17
  • Compaq Tru64 4.0f PK7_BL18
    cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18
  • Compaq Tru64 4.0g
    cpe:2.3:o:compaq:tru64:4.0g
  • Compaq Tru64 4.0g PK3_BL17
    cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17
  • Compaq Tru64 5.0
    cpe:2.3:o:compaq:tru64:5.0
  • Compaq Tru64 5.0 PK4_BL17
    cpe:2.3:o:compaq:tru64:5.0_pk4_bl17
  • Compaq Tru64 5.0 PK4_BL18
    cpe:2.3:o:compaq:tru64:5.0_pk4_bl18
  • Compaq Tru64 5.0a
    cpe:2.3:o:compaq:tru64:5.0a
  • Compaq Tru64 5.0a PK3_BL17
    cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17
  • Compaq Tru64 5.0f
    cpe:2.3:o:compaq:tru64:5.0f
  • Compaq Tru64 5.1
    cpe:2.3:o:compaq:tru64:5.1
  • Compaq Tru64 5.1 PK3_BL17
    cpe:2.3:o:compaq:tru64:5.1_pk3_bl17
  • Compaq Tru64 5.1 PK4_BL18
    cpe:2.3:o:compaq:tru64:5.1_pk4_bl18
  • Compaq Tru64 5.1 PK5_BL19
    cpe:2.3:o:compaq:tru64:5.1_pk5_bl19
  • Compaq Tru64 5.1 PK6_BL20
    cpe:2.3:o:compaq:tru64:5.1_pk6_bl20
  • Compaq Tru64 5.1a
    cpe:2.3:o:compaq:tru64:5.1a
  • Compaq Tru64 5.1a PK1_BL1
    cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1
  • Compaq Tru64 5.1a PK2_BL2
    cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2
  • Compaq Tru64 5.1a PK3_BL3
    cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3
  • Compaq Tru64 5.1b
    cpe:2.3:o:compaq:tru64:5.1b
  • Compaq Tru64 5.1b PK1_BL1
    cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1
  • HP HP-UX 10.00
    cpe:2.3:o:hp:hp-ux:10.00
  • HP HP-UX 10.01
    cpe:2.3:o:hp:hp-ux:10.01
  • HP HP-UX 10.8
    cpe:2.3:o:hp:hp-ux:10.08
  • HP HP-UX 10.9
    cpe:2.3:o:hp:hp-ux:10.09
  • HP HP-UX 10.10
    cpe:2.3:o:hp:hp-ux:10.10
  • HP HP-UX 10.16
    cpe:2.3:o:hp:hp-ux:10.16
  • HP HP-UX 10.20
    cpe:2.3:o:hp:hp-ux:10.20
  • HP HP-UX 10.24
    cpe:2.3:o:hp:hp-ux:10.24
  • HP HP-UX 10.26
    cpe:2.3:o:hp:hp-ux:10.26
  • HP HP-UX 10.30
    cpe:2.3:o:hp:hp-ux:10.30
  • HP HP-UX 10.34
    cpe:2.3:o:hp:hp-ux:10.34
  • HP-UX 11.00
    cpe:2.3:o:hp:hp-ux:11.00
  • HP HP-UX 11.0.4
    cpe:2.3:o:hp:hp-ux:11.0.4
  • HP-UX 11.11
    cpe:2.3:o:hp:hp-ux:11.11
  • HP-UX 11i v1.5
    cpe:2.3:o:hp:hp-ux:11.20
  • HP-UX 11i v1.6
    cpe:2.3:o:hp:hp-ux:11.22
  • HP hp-ux series 700 10.20
    cpe:2.3:o:hp:hp-ux_series_700:10.20
  • HP hp-ux series 800 10.20
    cpe:2.3:o:hp:hp-ux_series_800:10.20
  • cpe:2.3:o:hp:sis
    cpe:2.3:o:hp:sis
  • cpe:2.3:o:sun:solaris:2.4:-:x86
    cpe:2.3:o:sun:solaris:2.4:-:x86
  • cpe:2.3:o:sun:solaris:2.5:-:x86
    cpe:2.3:o:sun:solaris:2.5:-:x86
  • cpe:2.3:o:sun:solaris:2.5.1:-:ppc
    cpe:2.3:o:sun:solaris:2.5.1:-:ppc
  • cpe:2.3:o:sun:solaris:2.5.1:-:x86
    cpe:2.3:o:sun:solaris:2.5.1:-:x86
  • Sun Solaris 2.6
    cpe:2.3:o:sun:solaris:2.6
  • cpe:2.3:o:sun:solaris:7.0:-:x86
    cpe:2.3:o:sun:solaris:7.0:-:x86
  • cpe:2.3:o:sun:solaris:8.0:-:x86
    cpe:2.3:o:sun:solaris:8.0:-:x86
  • cpe:2.3:o:sun:solaris:9.0:-:sparc
    cpe:2.3:o:sun:solaris:9.0:-:sparc
  • cpe:2.3:o:sun:solaris:9.0:-:x86
    cpe:2.3:o:sun:solaris:9.0:-:x86
  • cpe:2.3:o:sun:solaris:9.0:x86_update_2
    cpe:2.3:o:sun:solaris:9.0:x86_update_2
  • Sun SunOS (formerly Solaris)
    cpe:2.3:o:sun:sunos
  • Sun Microsystems Solaris 2.4
    cpe:2.3:o:sun:sunos:5.4
  • Sun Microsystems Solaris 2.5
    cpe:2.3:o:sun:sunos:5.5
  • Sun Microsystems Solaris 2.5.1
    cpe:2.3:o:sun:sunos:5.5.1
  • Sun Microsystems Solaris 7
    cpe:2.3:o:sun:sunos:5.7
  • Sun SunOS (Solaris 8) 5.8
    cpe:2.3:o:sun:sunos:5.8
CVSS
Base: 10.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
  • description Sendmail <= 8.12.8 prescan() BSD Remote Root Exploit. CVE-2003-0161. Remote exploit for linux platform
    id EDB-ID:24
    last seen 2016-01-31
    modified 2003-04-30
    published 2003-04-30
    reporter bysin
    source https://www.exploit-db.com/download/24/
    title Sendmail <= 8.12.8 prescan BSD Remote Root Exploit
  • description sendmail 8.11.6 Address Prescan Memory Corruption Vulnerability. CVE-2003-0161. Remote exploit for unix platform
    id EDB-ID:22442
    last seen 2016-02-02
    modified 2003-03-29
    published 2003-03-29
    reporter sorbo
    source https://www.exploit-db.com/download/22442/
    title sendmail 8.11.6 Address Prescan Memory Corruption Vulnerability
nessus via4
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_29526.NASL
    description s700_800 11.04 (VVOS) sendmail(1m) 8.9.3 patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX sendmail, where the vulnerability may be exploited remotely to gain unauthorized access or create a denial of service (DoS). References: CERT CA-2003-12. (HPSBUX00253 SSRT3531) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability may be exploited remotely to gain unauthorized access and create a Denial of Service (DoS). References: CERT CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)
    last seen 2019-02-21
    modified 2017-04-27
    plugin id 16898
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16898
    title HP-UX PHNE_29526 : s700_800 11.04 (VVOS) sendmail(1m) 8.9.3 patch
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2003-121.NASL
    description Updated Sendmail packages are available to fix a vulnerability that allows local and possibly remote attackers to gain root privileges. Sendmail is a widely used Mail Transport Agent (MTA) which is included in all Red Hat Enterprise Linux distributions. There is a vulnerability in Sendmail versions 8.12.8 and prior. The address parser performs insufficient bounds checking in certain conditions due to a char to int conversion, making it possible for an attacker to take control of the application. Although no exploit currently exists, this issue is probably locally exploitable and may be remotely exploitable. All users are advised to update to these erratum packages containing a backported patch which corrects these vulnerabilities. Red Hat would like to thank Michal Zalewski for finding and reporting this issue.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12385
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12385
    title RHEL 2.1 : sendmail (RHSA-2003:121)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-290.NASL
    description Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This problem is potentially remotely exploitable.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15127
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15127
    title Debian DSA-290-1 : sendmail-wide - char-to-int conversion
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2003-042.NASL
    description Michal Zalweski discovered a vulnerability in sendmail versions earlier than 8.12.9 in the address parser, which performs insufficient bounds checking in certain conditions due to a char to int conversion. This vulnerability makes it poissible for an attacker to take control of sendmail and is thought to be remotely exploitable, and very likely locally exploitable. Updated packages are available with patches applied (the older versions), and the new fixed version is available for Mandrake Linux 9.1 users. Update : The packages for Mandrake Linux 9.1 and 9.1/PPC were not GPG-signed. This has been fixed and as a result the md5sums have changed. Thanks to Mark Lyda for pointing this out.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14026
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14026
    title Mandrake Linux Security Advisory : sendmail (MDKSA-2003:042-1)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_28409.NASL
    description s700_800 11.22 sendmail(1m) 8.11.1 patch : The remote HP-UX host is affected by multiple vulnerabilities : - Sendmail Restricted Shell (smrsh) may let local users bypass restrictions to execute code. - A potential security vulnerability has been identified with HP-UX sendmail, where the vulnerability may be exploited remotely to gain unauthorized access or create a denial of service (DoS). References: CERT CA-2003-12. (HPSBUX00253 SSRT3531) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability may be exploited remotely to gain unauthorized access and create a Denial of Service (DoS). References: CERT CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)
    last seen 2019-02-21
    modified 2017-04-27
    plugin id 16634
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16634
    title HP-UX PHNE_28409 : s700_800 11.22 sendmail(1m) 8.11.1 patch
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_35483.NASL
    description s700_800 11.00 sendmail(1M) 8.9.3 patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability may be exploited remotely to gain unauthorized access and create a Denial of Service (DoS). References: CERT CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469) - A vulnerability has been identified in sendmail which may allow a remote attacker to execute arbitrary code. References: CVE-2006-0058, US-CERT VU#834865. (HPSBUX02108 SSRT061133) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681. (HPSBUX00281 SSRT3631) - A potential security vulnerability has been identified with HP-UX sendmail, where the vulnerability may be exploited remotely to gain unauthorized access or create a denial of service (DoS). References: CERT CA-2003-12. (HPSBUX00253 SSRT3531) - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS). (HPSBUX02183 SSRT061243)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26133
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26133
    title HP-UX PHNE_35483 : s700_800 11.00 sendmail(1M) 8.9.3 patch
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-278.NASL
    description Michal Zalewski discovered a buffer overflow, triggered by a char to int conversion, in the address parsing code in sendmail, a widely used powerful, efficient, and scalable mail transport agent. This problem is potentially remotely exploitable.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15115
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15115
    title Debian DSA-278-1 : sendmail - char-to-int conversion
  • NASL family SMTP problems
    NASL id SENDMAIL_CONVERSION_OVERFLOW.NASL
    description The remote Sendmail server, according to its version number, may be vulnerable to a remote buffer overflow allowing remote users to gain root privileges. Sendmail versions from 5.79 to 8.12.8 are vulnerable. NOTE: manual patches do not change the version numbers. Vendors who have released patched versions of Sendmail may still falsely show a vulnerability. *** Nessus reports this vulnerability using only the banner of the *** remote SMTP server. Therefore, this might be a false positive.
    last seen 2019-02-21
    modified 2018-09-17
    plugin id 11499
    published 2003-03-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11499
    title Sendmail < 8.12.9 NOCHAR Control Value prescan Overflow
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_35484.NASL
    description s700_800 11.11 sendmail(1M) 8.9.3 patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681. (HPSBUX00281 SSRT3631) - A vulnerability has been identified in sendmail which may allow a remote attacker to execute arbitrary code. References: CVE-2006-0058, US-CERT VU#834865. (HPSBUX02108 SSRT061133) - A potential security vulnerability has been identified with HP-UX sendmail, where the vulnerability may be exploited remotely to gain unauthorized access or create a denial of service (DoS). References: CERT CA-2003-12. (HPSBUX00253 SSRT3531) - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS). (HPSBUX02183 SSRT061243) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability may be exploited remotely to gain unauthorized access and create a Denial of Service (DoS). References: CERT CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26134
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26134
    title HP-UX PHNE_35484 : s700_800 11.11 sendmail(1M) 8.9.3 patch
redhat via4
advisories
  • rhsa
    id RHSA-2003:120
  • rhsa
    id RHSA-2003:121
refmap via4
bid 7230
bugtraq
  • 20030329 Sendmail: -1 gone wild
  • 20030329 sendmail 8.12.9 available
  • 20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)
  • 20030331 GLSA: sendmail (200303-27)
  • 20030401 Immunix Secured OS 7+ openssl update
  • 20030520 [Fwd: 127 Research and Development: 127 Day!]
caldera CSSA-2003-016.0
cert CA-2003-12
cert-vn VU#897604
conectiva CLA-2003:614
confirm http://lists.apple.com/mhonarc/security-announce/msg00028.html
debian
  • DSA-278
  • DSA-290
freebsd FreeBSD-SA-03:07
fulldisc 20030329 Sendmail: -1 gone wild
gentoo GLSA-200303-27
hp SSRT3531
immunix IMNX-2003-7+-002-01
sco SCOSA-2004.11
sgi 20030401-01-P
sunalert
  • 1001088
  • 52620
  • 52700
suse SuSE-SA:2003:023
Last major update 17-10-2016 - 22:30
Published 02-04-2003 - 00:00
Last modified 30-10-2018 - 12:26
Back to Top