CVE-2003-0694

EXPLOITED

Sendmail 8.12.9 - Buffer Overflow

Title source: llm

Description

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Exploits (1)

metasploit WORKING POC

by aushack · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/smtp/sendmail_prescan.rb

View Code ZIP pw:eip

References (18)

[Various Sources] ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt

[Third Party Advisory] http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html

[Third Party Advisory] http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html

[Vendor Advisory] http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742

[Mailing List] http://marc.info/?l=bugtraq&m=106381604923204&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=106382859407683&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=106383437615742&w=2

[Mailing List] http://marc.info/?l=bugtraq&m=106398718909274&w=2

[Patch, Third Party Advisory, US Government Resource] http://www.cert.org/advisories/CA-2003-25.html

[US Government Resource] http://www.kb.cert.org/vuls/id/784980

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDKSA-2003:092

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2003-283.html

[Vendor Advisory] http://www.redhat.com/support/errata/RHSA-2003-284.html

[Patch] http://www.sendmail.org/8.12.10.html

[Third Party Advisory] http://www.debian.org/security/2003/dsa-384

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2975

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A572

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A603

Scores

EPSS 0.7608

EPSS Percentile 98.9%

Details

VulnCheck KEV 2017-06-20

Status published

Products (44)

apple/mac_os_x 10.2

apple/mac_os_x 10.2.1

apple/mac_os_x 10.2.2

apple/mac_os_x 10.2.3

apple/mac_os_x 10.2.4

apple/mac_os_x 10.2.5

apple/mac_os_x 10.2.6

apple/mac_os_x_server 10.2

apple/mac_os_x_server 10.2.1

apple/mac_os_x_server 10.2.2

... and 34 more

Published Oct 06, 2003

Tracked Since Feb 18, 2026