Search criteria
3 vulnerabilities found for platform_sa by windriver
CVE-2002-1337 (GCVE-0-2002-1337)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-21T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"name": "http://www.sendmail.org/8.12.8.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"refsource": "ISS",
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1337",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-12-03T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1337 (GCVE-0-2002-1337)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:19
VLAI?
Summary
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:19:28.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-05-21T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2003:073",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2003:073",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"name": "20030301-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"name": "IY40501",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"name": "20030303 Fwd: APPLE-SA-2003-03-03 sendmail",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"name": "RHSA-2003:227",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"name": "6991",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6991"
},
{
"name": "VU#398025",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"name": "http://www.sendmail.org/8.12.8.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"name": "DSA-257",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"name": "20030304 [LSD] Technical analysis of the remote sendmail vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:2222",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"name": "RHSA-2003:074",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"name": "CA-2003-07",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"name": "20030303 sendmail 8.12.8 available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"name": "MDKSA-2003:028",
"refsource": "MANDRAKE",
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"name": "IY40500",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"name": "sendmail-header-processing-bo(10748)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"name": "CSSA-2003-SCO.6",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"name": "CSSA-2003-SCO.5",
"refsource": "CALDERA",
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"name": "CLA-2003:571",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"name": "NetBSD-SA2003-002",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"name": "HPSBUX0302-246",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"name": "20030303 Remote Sendmail Header Processing Vulnerability",
"refsource": "ISS",
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"name": "IY40502",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"name": "20030304 GLSA: sendmail (200303-4)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1337",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-12-03T00:00:00",
"dateUpdated": "2024-08-08T03:19:28.722Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2002-1337
Vulnerability from fkie_nvd - Published: 2003-03-07 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc | Broken Link | |
| cve@mitre.org | ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 | Broken Link | |
| cve@mitre.org | ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 | Broken Link | |
| cve@mitre.org | ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P | Broken Link | |
| cve@mitre.org | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 | Broken Link | |
| cve@mitre.org | http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028 | Broken Link | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104673778105192&w=2 | Third Party Advisory | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104678739608479&w=2 | Third Party Advisory | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104678862109841&w=2 | Third Party Advisory | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104678862409849&w=2 | Third Party Advisory | |
| cve@mitre.org | http://marc.info/?l=bugtraq&m=104679411316818&w=2 | Third Party Advisory | |
| cve@mitre.org | http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only | Broken Link | |
| cve@mitre.org | http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only | Broken Link | |
| cve@mitre.org | http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only | Broken Link | |
| cve@mitre.org | http://www.cert.org/advisories/CA-2003-07.html | Broken Link, Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.debian.org/security/2003/dsa-257 | Broken Link | |
| cve@mitre.org | http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 | Broken Link, Patch, Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/10748.php | Broken Link | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/398025 | Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-073.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-074.html | Broken Link | |
| cve@mitre.org | http://www.redhat.com/support/errata/RHSA-2003-227.html | Broken Link | |
| cve@mitre.org | http://www.securityfocus.com/bid/6991 | Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
| cve@mitre.org | http://www.sendmail.org/8.12.8.html | Broken Link, Patch, Vendor Advisory | |
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104673778105192&w=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104678739608479&w=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104678862109841&w=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104678862409849&w=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=104679411316818&w=2 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2003-07.html | Broken Link, Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2003/dsa-257 | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950 | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10748.php | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/398025 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-073.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-074.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.redhat.com/support/errata/RHSA-2003-227.html | Broken Link | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/6991 | Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.sendmail.org/8.12.8.html | Broken Link, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222 | Broken Link |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sendmail | sendmail | * | |
| sendmail | sendmail | * | |
| sendmail | sendmail | * | |
| hp | alphaserver_sc | * | |
| gentoo | linux | 1.4 | |
| gentoo | linux | 1.4 | |
| hp | hp-ux | 10.10 | |
| hp | hp-ux | 10.20 | |
| hp | hp-ux | 11.00 | |
| hp | hp-ux | 11.0.4 | |
| hp | hp-ux | 11.11 | |
| hp | hp-ux | 11.22 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| oracle | solaris | 2.6 | |
| oracle | solaris | 7.0 | |
| oracle | solaris | 8 | |
| oracle | solaris | 9 | |
| sun | sunos | - | |
| sun | sunos | 5.7 | |
| sun | sunos | 5.8 | |
| windriver | bsdos | 4.2 | |
| windriver | bsdos | 4.3.1 | |
| windriver | bsdos | 5.0 | |
| windriver | platform_sa | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3A2C0-B076-4351-8085-DA3A37117453",
"versionEndExcluding": "8.9.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5AE239ED-94EE-40C7-9133-D1F4779A2E0C",
"versionEndExcluding": "8.11.6",
"versionStartIncluding": "8.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "64788C22-64F9-41DB-A4C2-BFCD6DBD8EE6",
"versionEndExcluding": "8.12.8",
"versionStartIncluding": "8.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:hp:alphaserver_sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5556D665-3792-4832-9EEE-D1122C9BF98E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1FD0EB4-E744-4465-AFEE-A3C807C9C993",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1D866A7D-F0B9-4EA3-93C6-1E7C2C2A861F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28A10F5A-067E-4DD8-B585-ABCD6F6B324E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "69C7B4A8-E8D0-425C-B979-17E85458B0C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F538D2B-1AE1-4766-830E-CF7999181128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"matchCriteriaId": "722A52CF-4C6E-44D3-90C4-D2F72A40EF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4F864AD7-53A2-4225-870F-062876CE45DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:bsdos:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "18B197B3-AA07-440F-A733-80B7CE07B3D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:bsdos:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "42761237-75A9-4E8C-8202-3CA3EB3D1ACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:bsdos:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7FAFD2BC-330C-4357-B8C7-F451C6282869",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:windriver:platform_sa:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2151D858-F6D4-472E-9CC7-A8EA26E27CC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecuci\u00f3n arbitraria de c\u00f3digo mediante ciertos campos de direcci\u00f3n formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la funci\u00f3n crackaddr del fichero headers.c."
}
],
"id": "CVE-2002-1337",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-03-07T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40500\u0026apar=only"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40501\u0026apar=only"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY40502\u0026apar=only"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-07.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-073.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-074.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-227.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Patch",
"Third Party Advisory",
"VDB Entry",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/6991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2222"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}