CVE-2003-0681

EXPLOITED

Sendmail Advanced Message Server - Buffer Overflow in Ruleset Parsing

Title source: llm

Exploitation Summary

CVE-2003-0681 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Gyan Chawdhary.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Sendmail's prescan() function (CVE-2003-0681), allowing remote code execution by manipulating heap memory and overwriting GOT entries. It constructs a malicious string with shellcode and fake chunk metadata to trigger arbitrary code execution via sendmail.

Description

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gyan Chawdhary · cremotelinux

https://www.exploit-db.com/exploits/23154

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Sendmail's prescan() function (CVE-2003-0681), allowing remote code execution by manipulating heap memory and overwriting GOT entries. It constructs a malicious string with shellcode and fake chunk metadata to trigger arbitrary code execution via sendmail.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Reliable

Target: Sendmail versions 8.12.9 and below

No auth needed

Prerequisites: Vulnerable Sendmail version installed · Ability to execute sendmail with crafted input

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/13216

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=106398718909274&w=2

Patch x_refsource_confirm

http://www.sendmail.org/8.12.10.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2003-283.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A595

Vendor Advisory vendor-advisory x_refsource_mandrake

http://www.mandriva.com/security/advisories?name=MDKSA-2003:092

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3606

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/108964

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2003/dsa-384

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=106383437615742&w=2

Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/8649

Vendor Advisory vendor-advisory x_refsource_conectiva

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742

Scores

EPSS 0.1244

EPSS Percentile 94.1%

Details

VulnCheck KEV 2017-06-20

Status published

Products (45)

apple/mac_os_x 10.2

apple/mac_os_x 10.2.1

apple/mac_os_x 10.2.2

apple/mac_os_x 10.2.3

apple/mac_os_x 10.2.4

apple/mac_os_x 10.2.5

apple/mac_os_x 10.2.6

apple/mac_os_x_server 10.2

apple/mac_os_x_server 10.2.1

apple/mac_os_x_server 10.2.2

... and 35 more

Published Oct 06, 2003

Tracked Since Feb 18, 2026