The prescan() function in the address parser (parseaddr.c) in Sendmail prior to 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing malicious users to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sendmail sendmail 2.6 |
||
sendmail sendmail 8.10 |
||
sendmail sendmail 8.10.1 |
||
sendmail sendmail 8.11.6 |
||
sendmail sendmail 8.12.0 |
||
sendmail sendmail 8.12.7 |
||
sendmail sendmail 8.12.8 |
||
sendmail sendmail 8.9.1 |
||
sendmail sendmail 8.9.2 |
||
sendmail sendmail switch 2.2 |
||
sendmail sendmail switch 2.2.1 |
||
sendmail sendmail switch 3.0.2 |
||
sendmail sendmail switch 3.0.3 |
||
sendmail sendmail 3.0 |
||
sendmail sendmail 3.0.1 |
||
sendmail sendmail 8.11.1 |
||
sendmail sendmail 8.11.2 |
||
sendmail sendmail 8.11.3 |
||
sendmail sendmail 8.12.3 |
||
sendmail sendmail 8.12.4 |
||
sendmail sendmail 8.12 |
||
sendmail sendmail switch 2.1.1 |
||
sendmail sendmail switch 2.1.2 |
||
sendmail sendmail switch 2.1.3 |
||
sendmail sendmail switch 2.2.4 |
||
sendmail sendmail switch 2.2.5 |
||
sendmail sendmail 2.6.1 |
||
sendmail sendmail 2.6.2 |
||
sendmail sendmail 8.10.2 |
||
sendmail sendmail 8.11.0 |
||
sendmail sendmail 8.12.1 |
||
sendmail sendmail 8.12.2 |
||
sendmail sendmail 8.9.3 |
||
sendmail sendmail switch 2.1 |
||
sendmail sendmail switch 2.2.2 |
||
sendmail sendmail switch 2.2.3 |
||
sendmail sendmail 3.0.2 |
||
sendmail sendmail 3.0.3 |
||
sendmail sendmail 8.11.4 |
||
sendmail sendmail 8.11.5 |
||
sendmail sendmail 8.12.5 |
||
sendmail sendmail 8.12.6 |
||
sendmail sendmail 8.9.0 |
||
sendmail sendmail switch 2.1.4 |
||
sendmail sendmail switch 2.1.5 |
||
sendmail sendmail switch 3.0 |
||
sendmail sendmail switch 3.0.1 |
||
compaq tru64 4.0f_pk7_bl18 |
||
compaq tru64 4.0g |
||
compaq tru64 4.0d |
||
compaq tru64 4.0d_pk9_bl17 |
||
compaq tru64 5.0_pk4_bl18 |
||
compaq tru64 5.0a |
||
compaq tru64 5.1_pk6_bl20 |
||
compaq tru64 5.1a |
||
hp hp-ux 10.01 |
||
hp hp-ux 10.08 |
||
hp hp-ux 10.34 |
||
compaq tru64 4.0b |
||
compaq tru64 4.0g_pk3_bl17 |
||
compaq tru64 5.0 |
||
compaq tru64 5.0_pk4_bl17 |
||
compaq tru64 5.1_pk4_bl18 |
||
compaq tru64 5.1_pk5_bl19 |
||
compaq tru64 5.1b_pk1_bl1 |
||
hp hp-ux 10.00 |
||
hp hp-ux 10.26 |
||
hp hp-ux 10.30 |
||
hp hp-ux series 700 10.20 |
||
hp hp-ux series 800 10.20 |
||
sun solaris 2.5.1 |
||
sun solaris 2.5 |
||
sun solaris 9.0 |
||
hp hp-ux 11.0.4 |
||
hp sis |
||
sun sunos 5.4 |
||
sun solaris 2.6 |
||
sun sunos - |
||
compaq tru64 5.1 |
||
compaq tru64 5.1_pk3_bl17 |
||
compaq tru64 5.1a_pk3_bl3 |
||
compaq tru64 5.1b |
||
hp hp-ux 10.16 |
||
hp hp-ux 10.20 |
||
hp hp-ux 10.24 |
||
hp hp-ux 11.20 |
||
hp hp-ux 11.22 |
||
sun sunos 5.5.1 |
||
sun solaris 8.0 |
||
compaq tru64 4.0f |
||
compaq tru64 4.0f_pk6_bl17 |
||
compaq tru64 5.0a_pk3_bl17 |
||
compaq tru64 5.0f |
||
compaq tru64 5.1a_pk1_bl1 |
||
compaq tru64 5.1a_pk2_bl2 |
||
hp hp-ux 10.09 |
||
hp hp-ux 10.10 |
||
hp hp-ux 11.00 |
||
hp hp-ux 11.11 |
||
sun solaris 2.4 |
||
sun sunos 5.5 |
||
sun sunos 5.7 |
||
sun solaris 7.0 |
||
sun sunos 5.8 |