CVE-2003-0991 (GCVE-0-2003-0991)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 02:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:12:35.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "CLA-2004:842",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842"
},
{
"name": "DSA-436",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-436"
},
{
"name": "9620",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9620"
},
{
"name": "RHSA-2004:019",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-019.html"
},
{
"name": "MDKSA-2004:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013"
},
{
"name": "[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html"
},
{
"name": "mailman-command-handler-dos(15106)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040201-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "CLA-2004:842",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842"
},
{
"name": "DSA-436",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-436"
},
{
"name": "9620",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9620"
},
{
"name": "RHSA-2004:019",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-019.html"
},
{
"name": "MDKSA-2004:013",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013"
},
{
"name": "[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html"
},
{
"name": "mailman-command-handler-dos(15106)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0991",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040201-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc"
},
{
"name": "CLA-2004:842",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842"
},
{
"name": "DSA-436",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-436"
},
{
"name": "9620",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9620"
},
{
"name": "RHSA-2004:019",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-019.html"
},
{
"name": "MDKSA-2004:013",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013"
},
{
"name": "[Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release",
"refsource": "MLIST",
"url": "http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html"
},
{
"name": "mailman-command-handler-dos(15106)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15106"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0991",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-12-16T00:00:00",
"dateUpdated": "2024-08-08T02:12:35.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2003-0991\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-03-03T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad desconocida en el manejador de instrucciones por correo en Mailman anteriores a 2.0.14 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante instrucciones de correo electr\u00f3nico malformadas.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46CF8999-445E-4E03-89F1-81669F9F93D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D965E3E-E08C-40EA-AF66-470F473F0262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64179C1D-C96F-431F-AD80-CBCA77CB9E53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC6B30F6-70A8-43C7-BA5C-6DD8A6ED829D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"767101D3-ABB0-4D34-AA28-75F78A392F39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEB60D06-E9D0-4949-8542-334D180F491D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F884774-D1A1-42A6-A3FE-9B0500725666\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C56B981-FD66-46F2-806A-3FFDEC520482\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E3E1994-6CAC-48E9-8438-0D894A76FE66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB8742B0-A91D-457D-BF57-06AFC5219BF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F04EDBE-4B04-4B4C-A2BE-5286AC7C8952\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"615566E3-9EBD-49B3-9727-0883D3F0334B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F59D0CCF-3CD0-4D99-B1F1-38F331422801\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADF5CE8-D072-4CFE-8A96-BA86187B478B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72278005-5F2A-4459-8813-DF7EC2D1F063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E39A909-E266-4BA9-87C6-DE26052433E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABA16FD9-0625-4D3D-9F10-130A28C88DA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE33EFBF-E155-4C3B-93CC-63AA1266A8A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78F2FB70-7EB9-4AA7-9E85-C151C3CC8104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnu:mailman:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1D6A976-FFEA-4DB6-B002-8036E778C78E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"26430687-409B-448F-934B-06AB937DDF63\"}]}]}],\"references\":[{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2004/dsa-436\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2004-019.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/9620\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15106\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000842\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://mail.python.org/pipermail/mailman-announce/2004-February/000067.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.debian.org/security/2004/dsa-436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:013\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2004-019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/9620\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/15106\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…