ID CVE-2003-0681
Summary A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
Vulnerable Configurations
  • Sendmail Sendmail Advanced Message Server 1.2
    cpe:2.3:a:sendmail:advanced_message_server:1.2
  • Sendmail Sendmail Advanced Message Server 1.3
    cpe:2.3:a:sendmail:advanced_message_server:1.3
  • Sendmail Sendmail 2.6
    cpe:2.3:a:sendmail:sendmail:2.6
  • Sendmail Sendmail 2.6.1
    cpe:2.3:a:sendmail:sendmail:2.6.1
  • Sendmail Sendmail 2.6.2
    cpe:2.3:a:sendmail:sendmail:2.6.2
  • Sendmail Sendmail 3.0
    cpe:2.3:a:sendmail:sendmail:3.0
  • Sendmail Sendmail 3.0.1
    cpe:2.3:a:sendmail:sendmail:3.0.1
  • Sendmail Sendmail 3.0.2
    cpe:2.3:a:sendmail:sendmail:3.0.2
  • Sendmail Sendmail 3.0.3
    cpe:2.3:a:sendmail:sendmail:3.0.3
  • Sendmail Sendmail 8.8.8
    cpe:2.3:a:sendmail:sendmail:8.8.8
  • Sendmail Sendmail 8.9.0
    cpe:2.3:a:sendmail:sendmail:8.9.0
  • Sendmail Sendmail 8.9.1
    cpe:2.3:a:sendmail:sendmail:8.9.1
  • Sendmail Sendmail 8.9.2
    cpe:2.3:a:sendmail:sendmail:8.9.2
  • Sendmail Sendmail 8.9.3
    cpe:2.3:a:sendmail:sendmail:8.9.3
  • Sendmail Sendmail 8.10
    cpe:2.3:a:sendmail:sendmail:8.10
  • Sendmail Sendmail 8.10.1
    cpe:2.3:a:sendmail:sendmail:8.10.1
  • Sendmail Sendmail 8.10.2
    cpe:2.3:a:sendmail:sendmail:8.10.2
  • Sendmail Sendmail 8.11
    cpe:2.3:a:sendmail:sendmail:8.11.0
  • Sendmail Sendmail 8.11.1
    cpe:2.3:a:sendmail:sendmail:8.11.1
  • Sendmail Sendmail 8.11.2
    cpe:2.3:a:sendmail:sendmail:8.11.2
  • Sendmail Sendmail 8.11.3
    cpe:2.3:a:sendmail:sendmail:8.11.3
  • Sendmail Sendmail 8.11.4
    cpe:2.3:a:sendmail:sendmail:8.11.4
  • Sendmail Sendmail 8.11.5
    cpe:2.3:a:sendmail:sendmail:8.11.5
  • Sendmail Sendmail 8.11.6
    cpe:2.3:a:sendmail:sendmail:8.11.6
  • Sendmail Sendmail 8.12 Beta10
    cpe:2.3:a:sendmail:sendmail:8.12:beta10
  • Sendmail Sendmail 8.12 Beta12
    cpe:2.3:a:sendmail:sendmail:8.12:beta12
  • Sendmail Sendmail 8.12 Beta16
    cpe:2.3:a:sendmail:sendmail:8.12:beta16
  • Sendmail Sendmail 8.12 Beta5
    cpe:2.3:a:sendmail:sendmail:8.12:beta5
  • Sendmail Sendmail 8.12 beta7
    cpe:2.3:a:sendmail:sendmail:8.12:beta7
  • Sendmail Sendmail 8.12.0
    cpe:2.3:a:sendmail:sendmail:8.12.0
  • Sendmail Sendmail 8.12.1
    cpe:2.3:a:sendmail:sendmail:8.12.1
  • Sendmail Sendmail 8.12.2
    cpe:2.3:a:sendmail:sendmail:8.12.2
  • Sendmail Sendmail 8.12.3
    cpe:2.3:a:sendmail:sendmail:8.12.3
  • Sendmail Sendmail 8.12.4
    cpe:2.3:a:sendmail:sendmail:8.12.4
  • Sendmail Sendmail 8.12.5
    cpe:2.3:a:sendmail:sendmail:8.12.5
  • Sendmail Sendmail 8.12.6
    cpe:2.3:a:sendmail:sendmail:8.12.6
  • Sendmail Sendmail 8.12.7
    cpe:2.3:a:sendmail:sendmail:8.12.7
  • Sendmail Sendmail 8.12.8
    cpe:2.3:a:sendmail:sendmail:8.12.8
  • Sendmail Sendmail 8.12.9
    cpe:2.3:a:sendmail:sendmail:8.12.9
  • Sendmail Sendmail Pro 8.9.2
    cpe:2.3:a:sendmail:sendmail_pro:8.9.2
  • Sendmail Sendmail Pro 8.9.3
    cpe:2.3:a:sendmail:sendmail_pro:8.9.3
  • cpe:2.3:a:sendmail:sendmail_switch:2.1
    cpe:2.3:a:sendmail:sendmail_switch:2.1
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.1
    cpe:2.3:a:sendmail:sendmail_switch:2.1.1
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.2
    cpe:2.3:a:sendmail:sendmail_switch:2.1.2
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.3
    cpe:2.3:a:sendmail:sendmail_switch:2.1.3
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.4
    cpe:2.3:a:sendmail:sendmail_switch:2.1.4
  • cpe:2.3:a:sendmail:sendmail_switch:2.1.5
    cpe:2.3:a:sendmail:sendmail_switch:2.1.5
  • cpe:2.3:a:sendmail:sendmail_switch:2.2
    cpe:2.3:a:sendmail:sendmail_switch:2.2
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.1
    cpe:2.3:a:sendmail:sendmail_switch:2.2.1
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.2
    cpe:2.3:a:sendmail:sendmail_switch:2.2.2
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.3
    cpe:2.3:a:sendmail:sendmail_switch:2.2.3
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.4
    cpe:2.3:a:sendmail:sendmail_switch:2.2.4
  • cpe:2.3:a:sendmail:sendmail_switch:2.2.5
    cpe:2.3:a:sendmail:sendmail_switch:2.2.5
  • cpe:2.3:a:sendmail:sendmail_switch:3.0
    cpe:2.3:a:sendmail:sendmail_switch:3.0
  • cpe:2.3:a:sendmail:sendmail_switch:3.0.1
    cpe:2.3:a:sendmail:sendmail_switch:3.0.1
  • cpe:2.3:a:sendmail:sendmail_switch:3.0.2
    cpe:2.3:a:sendmail:sendmail_switch:3.0.2
  • cpe:2.3:a:sendmail:sendmail_switch:3.0.3
    cpe:2.3:a:sendmail:sendmail_switch:3.0.3
  • Apple Mac OS X 10.2
    cpe:2.3:o:apple:mac_os_x:10.2
  • Apple Mac OS X 10.2.1
    cpe:2.3:o:apple:mac_os_x:10.2.1
  • Apple Mac OS X 10.2.2
    cpe:2.3:o:apple:mac_os_x:10.2.2
  • Apple Mac OS X 10.2.3
    cpe:2.3:o:apple:mac_os_x:10.2.3
  • Apple Mac OS X 10.2.4
    cpe:2.3:o:apple:mac_os_x:10.2.4
  • Apple Mac OS X 10.2.5
    cpe:2.3:o:apple:mac_os_x:10.2.5
  • Apple Mac OS X 10.2.6
    cpe:2.3:o:apple:mac_os_x:10.2.6
  • Apple Mac OS X Server 10.2
    cpe:2.3:o:apple:mac_os_x_server:10.2
  • Apple Mac OS X Server 10.2.1
    cpe:2.3:o:apple:mac_os_x_server:10.2.1
  • Apple Mac OS X Server 10.2.2
    cpe:2.3:o:apple:mac_os_x_server:10.2.2
  • Apple Mac OS X Server 10.2.3
    cpe:2.3:o:apple:mac_os_x_server:10.2.3
  • Apple Mac OS X Server 10.2.4
    cpe:2.3:o:apple:mac_os_x_server:10.2.4
  • Apple Mac OS X Server 10.2.5
    cpe:2.3:o:apple:mac_os_x_server:10.2.5
  • Apple Mac OS X Server 10.2.6
    cpe:2.3:o:apple:mac_os_x_server:10.2.6
  • cpe:2.3:o:gentoo:linux:0.5
    cpe:2.3:o:gentoo:linux:0.5
  • cpe:2.3:o:gentoo:linux:0.7
    cpe:2.3:o:gentoo:linux:0.7
  • cpe:2.3:o:gentoo:linux:1.1a
    cpe:2.3:o:gentoo:linux:1.1a
  • Gentoo Linux 1.2
    cpe:2.3:o:gentoo:linux:1.2
  • Gentoo Linux 1.4 rc1
    cpe:2.3:o:gentoo:linux:1.4:rc1
  • Gentoo Linux 1.4 rc2
    cpe:2.3:o:gentoo:linux:1.4:rc2
  • Gentoo Linux 1.4 rc3
    cpe:2.3:o:gentoo:linux:1.4:rc3
  • HP-UX 11.00
    cpe:2.3:o:hp:hp-ux:11.00
  • HP HP-UX 11.0.4
    cpe:2.3:o:hp:hp-ux:11.0.4
  • HP-UX 11.11
    cpe:2.3:o:hp:hp-ux:11.11
  • HP-UX 11i v1.6
    cpe:2.3:o:hp:hp-ux:11.22
  • IBM AIX 4.3.3
    cpe:2.3:o:ibm:aix:4.3.3
  • IBM AIX 5.1
    cpe:2.3:o:ibm:aix:5.1
  • IBM AIX 5.2
    cpe:2.3:o:ibm:aix:5.2
  • NetBSD 1.4.3
    cpe:2.3:o:netbsd:netbsd:1.4.3
  • NetBSD 1.5
    cpe:2.3:o:netbsd:netbsd:1.5
  • cpe:2.3:o:netbsd:netbsd:1.5:-:sh3
    cpe:2.3:o:netbsd:netbsd:1.5:-:sh3
  • cpe:2.3:o:netbsd:netbsd:1.5:-:x86
    cpe:2.3:o:netbsd:netbsd:1.5:-:x86
  • NetBSD 1.5.1
    cpe:2.3:o:netbsd:netbsd:1.5.1
  • NetBSD 1.5.2
    cpe:2.3:o:netbsd:netbsd:1.5.2
  • NetBSD 1.5.3
    cpe:2.3:o:netbsd:netbsd:1.5.3
  • NetBSD 1.6
    cpe:2.3:o:netbsd:netbsd:1.6
  • NetBSD 1.6 Beta
    cpe:2.3:o:netbsd:netbsd:1.6:beta
  • NetBSD 1.6.1
    cpe:2.3:o:netbsd:netbsd:1.6.1
  • OpenBSD 3.2
    cpe:2.3:o:openbsd:openbsd:3.2
  • OpenBSD 3.3
    cpe:2.3:o:openbsd:openbsd:3.3
  • cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0
    cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0
  • cpe:2.3:o:turbolinux:turbolinux_server:6.1
    cpe:2.3:o:turbolinux:turbolinux_server:6.1
  • cpe:2.3:o:turbolinux:turbolinux_server:6.5
    cpe:2.3:o:turbolinux:turbolinux_server:6.5
  • cpe:2.3:o:turbolinux:turbolinux_server:7.0
    cpe:2.3:o:turbolinux:turbolinux_server:7.0
  • cpe:2.3:o:turbolinux:turbolinux_server:8.0
    cpe:2.3:o:turbolinux:turbolinux_server:8.0
  • cpe:2.3:o:turbolinux:turbolinux_workstation:6.0
    cpe:2.3:o:turbolinux:turbolinux_workstation:6.0
  • cpe:2.3:o:turbolinux:turbolinux_workstation:7.0
    cpe:2.3:o:turbolinux:turbolinux_workstation:7.0
  • cpe:2.3:o:turbolinux:turbolinux_workstation:8.0
    cpe:2.3:o:turbolinux:turbolinux_workstation:8.0
CVSS
Base: 7.5 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
    Vector NETWORK
    Complexity LOW
    Authentication NONE
Impact
    Confidentiality PARTIAL
    Integrity PARTIAL
    Availability PARTIAL
exploit-db via4
description Sendmail 8.12.9 Prescan() Variant Remote Buffer Overrun Vulnerability. CVE-2003-0681. Local exploit for linux platform
id EDB-ID:23154
last seen 2016-02-02
modified 2003-09-17
published 2003-09-17
reporter Gyan Chawdhary
source https://www.exploit-db.com/download/23154/
title Sendmail 8.12.9 Prescan Variant Remote Buffer Overrun Vulnerability
nessus via4
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_35485.NASL
    description s700_800 11.23 sendmail(1M) 8.11.1 patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS). (HPSBUX02183 SSRT061243) - A vulnerability has been identified in sendmail which may allow a remote attacker to execute arbitrary code. References: CVE-2006-0058, US-CERT VU#834865. (HPSBUX02108 SSRT061133) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681. (HPSBUX00281 SSRT3631)
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 26135
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26135
    title HP-UX PHNE_35485 : s700_800 11.23 sendmail(1M) 8.11.1 patch
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-384.NASL
    description Two vulnerabilities were reported in sendmail. - CAN-2003-0681 : A 'potential buffer overflow in ruleset parsing' for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. - CAN-2003-0694 : The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 15221
    published 2004-09-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=15221
    title Debian DSA-384-1 : sendmail - buffer overflows
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_35483.NASL
    description s700_800 11.00 sendmail(1M) 8.9.3 patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability may be exploited remotely to gain unauthorized access and create a Denial of Service (DoS). References: CERT CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469) - A vulnerability has been identified in sendmail which may allow a remote attacker to execute arbitrary code. References: CVE-2006-0058, US-CERT VU#834865. (HPSBUX02108 SSRT061133) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681. (HPSBUX00281 SSRT3631) - A potential security vulnerability has been identified with HP-UX sendmail, where the vulnerability may be exploited remotely to gain unauthorized access or create a denial of service (DoS). References: CERT CA-2003-12. (HPSBUX00253 SSRT3531) - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS). (HPSBUX02183 SSRT061243)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26133
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26133
    title HP-UX PHNE_35483 : s700_800 11.00 sendmail(1M) 8.9.3 patch
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2003-092.NASL
    description A buffer overflow vulnerability was discovered in the address parsing code in all versions of sendmail prior to 8.12.10 by Michal Zalewski, with a patch to fix the problem provided by Todd C. Miller. This vulnerability seems to be remotely exploitable on Linux systems running on the x86 platform; the sendmail team is unsure of other platforms (CVE-2003-0694). Another potential buffer overflow was fixed in ruleset parsing which is not exploitable in the default sendmail configuration. A problem may occur if non-standard rulesets recipient (2), final (4), or mailer-specific envelope recipients rulesets are used. This problem was discovered by Timo Sirainen (CVE-2003-0681). MandrakeSoft encourages all users who use sendmail to upgrade to the provided packages which are patched to fix both problems.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 14074
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14074
    title Mandrake Linux Security Advisory : sendmail (MDKSA-2003:092)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_29912.NASL
    description s700_800 11.22 sendmail(1m) 8.11.1 patch : A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681.
    last seen 2019-02-21
    modified 2015-01-14
    plugin id 16855
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16855
    title HP-UX PHNE_29912 : HP-UX sendmail, Remote Unauthorized Privileged Access (HPSBUX00281 SSRT3631 rev.11)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_30224.NASL
    description s700_800 11.04 (VVOS) sendmail(1m) 8.9.3 patch : A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681.
    last seen 2019-02-21
    modified 2015-01-14
    plugin id 16704
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16704
    title HP-UX PHNE_30224 : HP-UX sendmail, Remote Unauthorized Privileged Access (HPSBUX00281 SSRT3631 rev.11)
  • NASL family SMTP problems
    NASL id SENDMAIL_PRESCAN_OVERFLOW.NASL
    description According to its version number, the remote Sendmail server is between 5.79 and 8.12.9. Such versions are reportedly vulnerable to remote buffer overflow attacks, one in the 'prescan()' function and another involving its ruleset processing. A remote user may be able to leverage these issues to gain root privileges.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 11838
    published 2003-09-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11838
    title Sendmail < 8.12.10 prescan() Function Remote Overflow
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_35484.NASL
    description s700_800 11.11 sendmail(1M) 8.9.3 patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability could be exploited remotely to gain unauthorized privileged access. References: CERT/CC CA-2003-25, CAN-2003-0681. (HPSBUX00281 SSRT3631) - A vulnerability has been identified in sendmail which may allow a remote attacker to execute arbitrary code. References: CVE-2006-0058, US-CERT VU#834865. (HPSBUX02108 SSRT061133) - A potential security vulnerability has been identified with HP-UX sendmail, where the vulnerability may be exploited remotely to gain unauthorized access or create a denial of service (DoS). References: CERT CA-2003-12. (HPSBUX00253 SSRT3531) - A potential security vulnerability has been identified with HP-UX running sendmail. This vulnerability could allow a remote user to cause a Denial of Service (DoS). (HPSBUX02183 SSRT061243) - A potential security vulnerability has been identified with HP-UX running sendmail, where the vulnerability may be exploited remotely to gain unauthorized access and create a Denial of Service (DoS). References: CERT CA-2003-07, CAN-2002-1337. (HPSBUX00246 SSRT3469)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 26134
    published 2007-09-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26134
    title HP-UX PHNE_35484 : s700_800 11.11 sendmail(1M) 8.9.3 patch
oval via4
  • accepted 2016-02-19T10:00:00.000-04:00
    class vulnerability
    contributors
    • name Brian Soby
      organization The MITRE Corporation
    description A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
    family unix
    id oval:org.mitre.oval:def:3606
    status accepted
    submitted 2004-10-12T12:26:00.000-04:00
    title Sendmail Ruleset Parsing Buffer Overflow
    version 31
  • accepted 2010-09-20T04:00:31.385-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Thomas R. Jones
      organization Maitreya Security
    • name Jonathan Baker
      organization The MITRE Corporation
    description A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
    family unix
    id oval:org.mitre.oval:def:595
    status accepted
    submitted 2003-09-21T12:00:00.000-04:00
    title Potential BO in Ruleset Parsing for Sendmail
    version 37
redhat via4
advisories
  • rhsa
    id RHSA-2003:283
refmap via4
bid 8649
bugtraq
  • 20030917 GLSA: sendmail (200309-13)
  • 20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail)
cert-vn VU#108964
conectiva CLA-2003:742
confirm http://www.sendmail.org/8.12.10.html
debian DSA-384
immunix IMNX-2003-7+-021-01
mandrake MDKSA-2003:092
xf sendmail-ruleset-parsing-bo(13216)
Last major update 17-10-2016 - 22:36
Published 06-10-2003 - 00:00
Last modified 02-05-2018 - 21:29