CVE-2002-1337

Published: 07/03/2003 Updated: 09/02/2024
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote malicious users to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Vulnerable Product

sendmail sendmail

netbsd netbsd 1.5.3

netbsd netbsd 1.6

hp hp-ux 11.11

netbsd netbsd 1.5

windriver bsdos 4.2

sun sunos 5.7

sun sunos 5.8

gentoo linux 1.4

hp hp-ux 11.00

windriver bsdos 5.0

netbsd netbsd 1.5.1

hp hp-ux 11.0.4

oracle solaris 8

hp hp-ux 11.22

netbsd netbsd 1.5.2

oracle solaris 9

hp alphaserver sc

hp hp-ux 10.20

windriver platform sa 1.0

hp hp-ux 10.10

windriver bsdos 4.3.1

sun sunos -

oracle solaris 7.0

oracle solaris 2.6

Vendor Advisories

Mark Dowd of ISS X-Force found a bug in the header parsing routines of sendmail: it could overflow a buffer when encountering addresses with very long comments. Since sendmail also parses headers when forwarding emails, this vulnerability can hit mail-servers which do not deliver the email as well. This has been fixed in upstream release 8 ...

Exploits

source: www.securityfocus.com/bid/6991/info Sendmail is prone to a remotely exploitable buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. Reportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. Sendmail ...
/* sendmail 8.11.x exploit (i386-Linux) by sd@sfcz (sd@ircnet). This code exploits well-known local-root bug in sendmail 8.11.x, 8.12.x may be vulnerable too, but I didn't test it. It gives instant root shell with +s sendmail 8.11.x, x < 6. We're using objdump, gdb & grep i ...

Github Repositories

CUMES - C Unrestricted Mail Exchange Server (under construction)

(!) UNDER CONSTRUCTION. CUMES is (or will be) a free and secure MTA, partially inspired by qmail. Under construction. Unrestricted: CUMES is not Free, but with restrictions, Software, but MIT-Licensed. You can do (almost) everything with the code. Motivation: Every few months, or even days, another security hole shows up in sendmail, p

References

CWE-120
http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
http://www.sendmail.org/8.12.8.html
http://www.cert.org/advisories/CA-2003-07.html
http://www.securityfocus.com/bid/6991
http://www.redhat.com/support/errata/RHSA-2003-073.html
http://www.redhat.com/support/errata/RHSA-2003-074.html
http://www.redhat.com/support/errata/RHSA-2003-227.html
ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P
http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571
http://www.debian.org/security/2003/dsa-257
ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5
http://www.kb.cert.org/vuls/id/398025
http://www.iss.net/security_center/static/10748.php
http://marc.info/?l=bugtraq&m=104679411316818&w=2
http://marc.info/?l=bugtraq&m=104678739608479&w=2
http://marc.info/?l=bugtraq&m=104678862109841&w=2
http://marc.info/?l=bugtraq&m=104673778105192&w=2
http://marc.info/?l=bugtraq&m=104678862409849&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222
https://www.debian.org/security/./dsa-257
https://nvd.nist.gov
https://github.com/byte-mug/cumes
https://www.exploit-db.com/exploits/22313/
https://www.kb.cert.org/vuls/id/398025