CVE-2002-1337
Summary
| CVE | CVE-2002-1337 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2003-03-07 05:00:00 UTC |
| Updated | 2018-10-30 16:26:00 UTC |
| Description | Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Gentoo | Linux | 1.4 | rc1 | All | All |
| Operating System | Gentoo | Linux | 1.4 | rc2 | All | All |
| Operating System | Gentoo | Linux | 1.4 | rc1 | All | All |
| Operating System | Gentoo | Linux | 1.4 | rc2 | All | All |
| Hardware | Hp | Alphaserver Sc | All | All | All | All |
| Hardware | Hp | Alphaserver Sc | All | All | All | All |
| Operating System | Hp | Hp-ux | 10.10 | All | All | All |
| Operating System | Hp | Hp-ux | 10.20 | All | All | All |
| Operating System | Hp | Hp-ux | 11.0.4 | All | All | All |
| Operating System | Hp | Hp-ux | 11.00 | All | All | All |
| Operating System | Hp | Hp-ux | 11.11 | All | All | All |
| Operating System | Hp | Hp-ux | 11.22 | All | All | All |
| Operating System | Hp | Hp-ux | 10.10 | All | All | All |
| Operating System | Hp | Hp-ux | 10.20 | All | All | All |
| Operating System | Hp | Hp-ux | 11.0.4 | All | All | All |
| Operating System | Hp | Hp-ux | 11.00 | All | All | All |
| Operating System | Hp | Hp-ux | 11.11 | All | All | All |
| Operating System | Hp | Hp-ux | 11.22 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5.1 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5.2 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5.3 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.6 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5.1 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5.2 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.5.3 | All | All | All |
| Operating System | Netbsd | Netbsd | 1.6 | All | All | All |
| Application | Sendmail | Advanced Message Server | 1.2 | All | All | All |
| Application | Sendmail | Advanced Message Server | 1.3 | All | All | All |
| Application | Sendmail | Advanced Message Server | 1.2 | All | All | All |
| Application | Sendmail | Advanced Message Server | 1.3 | All | All | All |
| Application | Sendmail | Sendmail | 2.6 | All | nt | All |
| Application | Sendmail | Sendmail | 2.6.1 | All | nt | All |
| Application | Sendmail | Sendmail | 3.0 | All | nt | All |
| Application | Sendmail | Sendmail | 3.0.1 | All | nt | All |
| Application | Sendmail | Sendmail | 3.0.2 | All | nt | All |
| Application | Sendmail | Sendmail | 5.59 | All | All | All |
| Application | Sendmail | Sendmail | 5.61 | All | All | All |
| Application | Sendmail | Sendmail | 5.65 | All | All | All |
| Application | Sendmail | Sendmail | 8.10 | All | All | All |
| Application | Sendmail | Sendmail | 8.10.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.10.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.0 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.3 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.4 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.5 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.6 | All | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta10 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta12 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta16 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta5 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta7 | All | All |
| Application | Sendmail | Sendmail | 8.12.0 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.3 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.4 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.5 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.6 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.7 | All | All | All |
| Application | Sendmail | Sendmail | 8.8.8 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.0 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.3 | All | All | All |
| Application | Sendmail | Sendmail | 2.6 | All | nt | All |
| Application | Sendmail | Sendmail | 2.6.1 | All | nt | All |
| Application | Sendmail | Sendmail | 3.0 | All | nt | All |
| Application | Sendmail | Sendmail | 3.0.1 | All | nt | All |
| Application | Sendmail | Sendmail | 3.0.2 | All | nt | All |
| Application | Sendmail | Sendmail | 5.59 | All | All | All |
| Application | Sendmail | Sendmail | 5.61 | All | All | All |
| Application | Sendmail | Sendmail | 5.65 | All | All | All |
| Application | Sendmail | Sendmail | 8.10 | All | All | All |
| Application | Sendmail | Sendmail | 8.10.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.10.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.0 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.3 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.4 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.5 | All | All | All |
| Application | Sendmail | Sendmail | 8.11.6 | All | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta10 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta12 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta16 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta5 | All | All |
| Application | Sendmail | Sendmail | 8.12 | beta7 | All | All |
| Application | Sendmail | Sendmail | 8.12.0 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.3 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.4 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.5 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.6 | All | All | All |
| Application | Sendmail | Sendmail | 8.12.7 | All | All | All |
| Application | Sendmail | Sendmail | 8.8.8 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.0 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.1 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.2 | All | All | All |
| Application | Sendmail | Sendmail | 8.9.3 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.3 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.4 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.3 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.4 | All | All | All |
| Application | Sendmail | Sendmail Switch | 3.0 | All | All | All |
| Application | Sendmail | Sendmail Switch | 3.0.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 3.0.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.3 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.1.4 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.2 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.3 | All | All | All |
| Application | Sendmail | Sendmail Switch | 2.2.4 | All | All | All |
| Application | Sendmail | Sendmail Switch | 3.0 | All | All | All |
| Application | Sendmail | Sendmail Switch | 3.0.1 | All | All | All |
| Application | Sendmail | Sendmail Switch | 3.0.2 | All | All | All |
| Application | Sgi | Freeware | 1.0 | All | All | All |
| Application | Sgi | Freeware | 1.0 | All | All | All |
| Operating System | Sun | Solaris | 2.6 | All | All | All |
| Operating System | Sun | Solaris | 7.0 | All | x86 | All |
| Operating System | Sun | Solaris | 8.0 | All | x86 | All |
| Operating System | Sun | Solaris | 9.0 | All | sparc | All |
| Operating System | Sun | Solaris | 9.0 | All | x86 | All |
| Operating System | Sun | Solaris | 2.6 | All | All | All |
| Operating System | Sun | Solaris | 7.0 | All | x86 | All |
| Operating System | Sun | Solaris | 8.0 | All | x86 | All |
| Operating System | Sun | Solaris | 9.0 | All | sparc | All |
| Operating System | Sun | Solaris | 9.0 | All | x86 | All |
| Operating System | Sun | Sunos | - | All | All | All |
| Operating System | Sun | Sunos | 5.7 | All | All | All |
| Operating System | Sun | Sunos | 5.8 | All | All | All |
| Operating System | Sun | Sunos | - | All | All | All |
| Operating System | Sun | Sunos | 5.7 | All | All | All |
| Operating System | Sun | Sunos | 5.8 | All | All | All |
| Operating System | Windriver | Bsdos | 4.2 | All | All | All |
| Operating System | Windriver | Bsdos | 4.3.1 | All | All | All |
| Operating System | Windriver | Bsdos | 5.0 | All | All | All |
| Operating System | Windriver | Bsdos | 4.2 | All | All | All |
| Operating System | Windriver | Bsdos | 4.3.1 | All | All | All |
| Operating System | Windriver | Bsdos | 5.0 | All | All | All |
| Operating System | Windriver | Platform Sa | 1.0 | All | All | All |
| Operating System | Windriver | Platform Sa | 1.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 'sendmail 8.12.8 available' - MARC | BUGTRAQ | marc.info | |
| CERT Advisory CA-2003-07 Remote Buffer Overflow in Sendmail | CERT | www.cert.org | Patch, Third Party Advisory, US Government Resource |
| '[LSD] Technical analysis of the remote sendmail vulnerability' - MARC | BUGTRAQ | marc.info | |
| Search results | AIXAPAR | www-1.ibm.com | |
| CSSA-2003-SCO.5 | CALDERA | ftp.sco.com | |
| 20030301-01-P | SGI | patches.sgi.com | |
| 'Fwd: APPLE-SA-2003-03-03 sendmail' - MARC | BUGTRAQ | marc.info | |
| CSSA-2003-SCO.6 | CALDERA | ftp.sco.com | |
| redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| NetBSD-SA2003-002 | NETBSD | ftp.netbsd.org | |
| Home - Conectiva | CONECTIVA | distro.conectiva.com.br | |
| Search results | AIXAPAR | www-1.ibm.com | |
| Search results | AIXAPAR | www-1.ibm.com | |
| Advisories - Mandriva Linux | MANDRAKE | frontal2.mandriva.com | |
| 20030303 Remote Sendmail Header Processing Vulnerability | ISS | www.iss.net | Patch, Vendor Advisory |
| 'GLSA: sendmail (200303-4)' - MARC | BUGTRAQ | marc.info | |
| sendmail-header-processing-bo(10748) | XF | www.iss.net | |
| redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| CERT/CC Vulnerability Note VU#398025 | CERT-VN | www.kb.cert.org | US Government Resource |
| Sendmail Header Processing Buffer Overflow Vulnerability | BID | www.securityfocus.com | Exploit, Patch, Vendor Advisory |
| redhat.com | Red Hat Support | REDHAT | www.redhat.com | |
| Sendmail - 8.12 | CONFIRM | www.sendmail.org | Patch, Vendor Advisory |
| Debian -- Security Information -- DSA-257-1 sendmail | DEBIAN | www.debian.org | |
| 'HP-UX security bulletins digest [Fwd/sendmail issue]' - MARC | HP | marc.info | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.