CVE-2003-0694

EXPLOITED

Sendmail Advanced Message Server - Remote Code Execution via Prescan Buffer Overflow

Title source: llm

Exploitation Summary

CVE-2003-0694 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit, from researchers including aushack: the Metasploit module auxiliary/dos/smtp/sendmail_prescan.

AI-analyzed exploit summary: This is a proof-of-concept denial-of-service exploit for Sendmail versions 8.12.8 and earlier, targeting a memory corruption vulnerability in the prescan() method during SMTP header parsing. The exploit sends a maliciously crafted RCPT TO command to trigger a segmentation fault.

Description

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Exploits (1)

metasploit WORKING POC
by aushack · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/smtp/sendmail_prescan.rb

Classification: Working PoC 100%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Sendmail 8.12.8 and earlier
No auth needed
Prerequisites: Network access to the SMTP port of the target Sendmail server
devstral-2 · analyzed Feb 16, 2026

References (18)

Core References
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106398718909274&w=2
Patch x_refsource_confirm
http://www.sendmail.org/8.12.10.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-283.html
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html
Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2003-25.html
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/784980
Vendor Advisory vendor-advisory x_refsource_mandrake
http://www.mandriva.com/security/advisories?name=MDKSA-2003:092
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106382859407683&w=2
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2003/dsa-384
Various Sources vendor-advisory x_refsource_sco
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2003-284.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106383437615742&w=2
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=106381604923204&w=2
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975
Vendor Advisory vendor-advisory x_refsource_conectiva
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742

Scores

EPSS 0.7608
EPSS Percentile 98.9%

Details

VulnCheck KEV 2017-06-20
Status published
Products (44)
apple/mac_os_x 10.2
apple/mac_os_x 10.2.1
apple/mac_os_x 10.2.2
apple/mac_os_x 10.2.3
apple/mac_os_x 10.2.4
apple/mac_os_x 10.2.5
apple/mac_os_x 10.2.6
apple/mac_os_x_server 10.2
apple/mac_os_x_server 10.2.1
apple/mac_os_x_server 10.2.2
... and 34 more
Published Oct 06, 2003
Tracked Since Feb 18, 2026