Search criteria
110 vulnerabilities found for sendmail by sendmail
VAR-200310-0072
Vulnerability from variot - Updated: 2024-07-23 19:31The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. sendmail A buffer overflow vulnerability was discovered in the email address parsing process. This vulnerability CERT Advisory CA-2003-07, CA-2003-12 This is a new vulnerability that differs from the vulnerability reported in. As for the vulnerability, there is a possibility that a third party may obtain administrator authority from a remote location. This problem, sendmail Occurs by receiving a message with a maliciously configured email address. For this reason, LAN Is running on a host sendmail Even other MTA (Mail Transfer Agent) If you receive a malicious message relayed from, you may be affected by the vulnerability.Service operation interruption (denial-of-service, DoS) An attacker or a remote third party may gain administrative privileges. This issue is different than the vulnerability described in BID 7230. Sendmail is one of the most popular mail transfer agents (MTAs) on the Internet. The local exploitation method on Linux can use recipient.c and sendtolist() to overwrite the pointer with the data submitted by the user. When calling the free() function, the command may be redirected, and the attacker can construct a malicious email message and submit it to Sendmail for analysis. Execute arbitrary commands on the system with Sendmail process privileges. There may also be other exploit methods, and it is also possible to exploit this vulnerability remotely
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 2.1,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 2.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.5"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.1"
},
{
"model": "advanced server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.8,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk5_bl23"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk4_bl22"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk2_bl22"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk8_bl22"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.19m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.18f"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.18m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.17m"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.1a"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.17f"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.19f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk4_bl21"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.21f"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 1.0,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.21m"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.20f"
},
{
"model": "irix",
"scope": "eq",
"trust": 1.0,
"vendor": "sgi",
"version": "6.5.20m"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm eserver",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "secure computing",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "turbolinux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "openlinux",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "3.1.1 (server)"
},
{
"model": "open unix",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "8.0.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.0.x (solaris"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "linux"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "systemwalker it budgetmgr",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix edition )"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "for nt",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.6.x"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "systemwalker listcreator",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.9 and earlier"
},
{
"model": "for nt",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "version 3.0.x"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.xj (windows nt/2000 edition )"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.x (solaris"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "openbsd",
"scope": "lt",
"trust": 0.8,
"vendor": "openbsd",
"version": "version"
},
{
"model": "linux advanced workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "linux"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix edition )"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "windows nt/2000"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "1.3 (windows 2000 edition )"
},
{
"model": "teamware office",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.8,
"vendor": "sgi",
"version": "6.5 (6.5.15 - 6.5.21f)"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x (solaris"
},
{
"model": "openlinux",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "3.1.1 (workstation)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "3.1.x (solaris"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.8,
"vendor": "fore tune",
"version": "5.0"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "interstage office square",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (ws)"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.8,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "gnu/linux",
"scope": "eq",
"trust": 0.8,
"vendor": "debian",
"version": "3.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x (hp-ux edition )"
},
{
"model": "freebsd",
"scope": "lt",
"trust": 0.8,
"vendor": "freebsd",
"version": "version"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "2.0"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.8,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (as)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "bsd/os",
"scope": "eq",
"trust": 0.8,
"vendor": "fore tune",
"version": "4.3.1"
},
{
"model": "gnu/linux",
"scope": "lt",
"trust": 0.8,
"vendor": "debian",
"version": "version"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "2.1 (es)"
},
{
"model": "systemwalker listworks",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.0.x (solaris"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "s390 linux edition )"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "1.2 (solaris"
},
{
"model": "systemwalker ip netmgr",
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "s390 linux edition )"
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "aix"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0.7"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.21"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix m",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix f",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5x86"
},
{
"model": "sh3",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "linux rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux a",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.1"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-release-p14",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.9"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-release-p7",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.8"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-release-p17",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-release-p20",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-release-p32",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.5"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-release-p42",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.4"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-release-p38",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.3"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.0"
},
{
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "3.0"
},
{
"model": "tru64 b pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.22"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.10"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.20m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.17m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.21f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.21m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.19m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sgi:irix:6.5.18m:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk4_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk4_bl21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:release_p38:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.3:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:release_p17:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.7:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk5_bl23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:release_p42:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.4:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:release_p6:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.8:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.9:pre-release:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:3.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:release_p20:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.6:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.1:release_p5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.1:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk8_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk2_bl22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:release_p32:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:4.5:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:release_p14:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:freebsd:freebsd:5.0:releng:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@echelon.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0694",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0694",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-7519",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0694",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#784980",
"trust": 0.8,
"value": "36.72"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-019",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-7519",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0694",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. sendmail A buffer overflow vulnerability was discovered in the email address parsing process. This vulnerability CERT Advisory CA-2003-07, CA-2003-12 This is a new vulnerability that differs from the vulnerability reported in. As for the vulnerability, there is a possibility that a third party may obtain administrator authority from a remote location. This problem, sendmail Occurs by receiving a message with a maliciously configured email address. For this reason, LAN Is running on a host sendmail Even other MTA (Mail Transfer Agent) If you receive a malicious message relayed from, you may be affected by the vulnerability.Service operation interruption (denial-of-service, DoS) An attacker or a remote third party may gain administrative privileges. This issue is different than the vulnerability described in BID 7230. Sendmail is one of the most popular mail transfer agents (MTAs) on the Internet. The local exploitation method on Linux can use recipient.c and sendtolist() to overwrite the pointer with the data submitted by the user. When calling the free() function, the command may be redirected, and the attacker can construct a malicious email message and submit it to Sendmail for analysis. Execute arbitrary commands on the system with Sendmail process privileges. There may also be other exploit methods, and it is also possible to exploit this vulnerability remotely",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
},
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#784980",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2003-0694",
"trust": 2.9
},
{
"db": "BID",
"id": "8641",
"trust": 1.3
},
{
"db": "XF",
"id": "13204",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019",
"trust": 0.7
},
{
"db": "CONECTIVA",
"id": "CLA-2003:742",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:284",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:283",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-25",
"trust": 0.6
},
{
"db": "VULNWATCH",
"id": "20030917 ZALEWSKI ADVISORY - SENDMAIL 8.12.9 PRESCAN BUG",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2004.11",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:092",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 GLSA: SENDMAIL (200309-13)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 [SLACKWARE-SECURITY] SENDMAIL VULNERABILITIES FIXED (SSA:2003-260-02)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030917 SENDMAIL 8.12.9 PRESCAN BUG (A NEW ONE) [CAN-2003-0694]",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030919 [OPENPKG-SA-2003.041] OPENPKG SECURITY ADVISORY (SENDMAIL)",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:603",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2975",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:572",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030917 SENDMAIL 8.12.9 PRESCAN BUG (A NEW ONE) [CAN-2003-0694]",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-384",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-7519",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0694",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"id": "VAR-200310-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7519"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T19:31:47.530000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "ca-2003-25",
"trust": 0.8,
"url": "http://software.fujitsu.com/jp/security/vulnerabilities/cert/cert2003.html#ca-2003-25"
},
{
"title": "DSA-384-1",
"trust": 0.8,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"title": "FreeBSD-SA-03:13.sendmail ",
"trust": 0.8,
"url": "http://security.freebsd.org/advisories/freebsd-sa-03:13.sendmail.asc"
},
{
"title": "HPSBUX00281",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01035741"
},
{
"title": "IY48657",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48657"
},
{
"title": "IY48659",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48659"
},
{
"title": "IY48658",
"trust": 0.8,
"url": "http://www-1.ibm.com/support/docview.wss?uid=isg1iy48658"
},
{
"title": "MSS-OAR-E01-2003.1473.1",
"trust": 0.8,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.1473.1"
},
{
"title": "sendmail (V2.x)",
"trust": 0.8,
"url": "http://www.miraclelinux.com/update/linux/list.php?errata_id=150"
},
{
"title": "NetBSD-SA2003-016",
"trust": 0.8,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-016.txt.asc"
},
{
"title": "018: SECURITY FIX: September 17, 2003",
"trust": 0.8,
"url": "http://www.openbsd.org/errata32.html#sendmail4"
},
{
"title": "005: SECURITY FIX: September 17, 2003",
"trust": 0.8,
"url": "http://www.openbsd.org/errata33.html#sendmail"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-283.html"
},
{
"title": "RHSA-2003:284",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-284.html"
},
{
"title": "CSSA-2003-036.0",
"trust": 0.8,
"url": "ftp://ftp.sco.com/pub/security/openlinux/cssa-2003-036.0.txt"
},
{
"title": "CSSA-2003-SCO.23.1",
"trust": 0.8,
"url": "ftp://ftp.sco.com/pub/updates/unixware/cssa-2003-sco.23/cssa-2003-sco.23.txt"
},
{
"title": "8.12.10",
"trust": 0.8,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"title": "2003-9-17",
"trust": 0.8,
"url": "http://www.sendmail.com/security/"
},
{
"title": "20030903-01-P",
"trust": 0.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030903-01-p.asc"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-1"
},
{
"title": "56860",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56860-1"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-3"
},
{
"title": "56860",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56860-3"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "4 Sendmail Security Update 2.0.2",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-52.txt"
},
{
"title": "Sendmail Inc. Information for VU#784980",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/aamn-5rhq64"
},
{
"title": "M500-012",
"trust": 0.8,
"url": "ftp://ftp.foretune.co.jp/pub/bsdos/patches-5.0/m500-012.ia32"
},
{
"title": "M431-011",
"trust": 0.8,
"url": "ftp://ftp.foretune.co.jp/pub/bsdos/patches-4.3.1/i386/m431-011"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-283j.html"
},
{
"title": "RHSA-2003:284",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-284j.html"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-52j.txt"
},
{
"title": "Debian Security Advisories: DSA-384-1 sendmail -- buffer overflows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=243b978e3f17d13dd590ac7cfc4a472f"
},
{
"title": "cumes",
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes "
},
{
"title": "x0rzEQGRP",
"trust": 0.1,
"url": "https://github.com/happysmack/x0rzeqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/nekkidso/eqgrp "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/devkosov/test "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ninja-tw1st/eqgrp "
},
{
"title": "leaked2",
"trust": 0.1,
"url": "https://github.com/kongjiexi/leaked2 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/391861737/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/muhammd/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/r3k1ng/shadowbrokersfiles "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ckmaenn/eqgrp "
},
{
"title": "EQGRP_Linux",
"trust": 0.1,
"url": "https://github.com/cybernetix-s3c/eqgrp_linux "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/iha114/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/antiscammerarmy/shadowbrokersfiles "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/thetrentusdev/shadowbrokerstuff "
},
{
"title": "bdhglopoj",
"trust": 0.1,
"url": "https://github.com/maxcvnd/bdhglopoj "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/shakenetwork/shadowbrokerstuff "
},
{
"title": "x0rz-EQGRP",
"trust": 0.1,
"url": "https://github.com/r3p3r/x0rz-eqgrp "
},
{
"title": "ShadowBrokersStuff",
"trust": 0.1,
"url": "https://github.com/thetrentus/shadowbrokersstuff "
},
{
"title": "EQ1",
"trust": 0.1,
"url": "https://github.com/thepevertedspartan/eq1 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/badbug6/eqgrp "
},
{
"title": "EQGRP-nasa",
"trust": 0.1,
"url": "https://github.com/soldie/eqgrp-nasa "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/mofty/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/thetrentus/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/namangangwar/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/x0rz/eqgrp "
},
{
"title": "SB--.-HACK-the-EQGRP-1",
"trust": 0.1,
"url": "https://github.com/cipherreborn/sb--.-hack-the-eqgrp-1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.cert.org/advisories/ca-2003-25.html"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/784980"
},
{
"trust": 2.6,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html"
},
{
"trust": 2.6,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"trust": 1.8,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:092"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-283.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-284.html"
},
{
"trust": 1.8,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.11/scosa-2004.11.txt"
},
{
"trust": 1.8,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2975"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a572"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a603"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.9,
"url": "http://www.securityfocus.com/bid/8641"
},
{
"trust": 0.8,
"url": "http://archives.neohapsis.com/archives/sendmail/2003-q3/0002.html"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/patches/parse8.359.2.8"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-149.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0694"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13204"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr033901.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr034001.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-25"
},
{
"trust": 0.8,
"url": "http://jvn.jp/tr/trca-2003-25"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0694"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030918_190150.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106382859407683\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=106381604923204\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:603"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:572"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2975"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/servers/aix/"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000746"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56860"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56922"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/qube3.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/patches/linux/security.html"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64kit0020132-v40gb22-es-20031001.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-553-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-563-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-586-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51ab-ix-594-sendmail-ssrt3631.readme"
},
{
"trust": 0.3,
"url": "/archive/1/337839"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106383437615742\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106381604923204\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106382859407683\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106398718909274\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000742"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-384"
},
{
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#784980"
},
{
"db": "VULHUB",
"id": "VHN-7519"
},
{
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"db": "BID",
"id": "8641"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-17T00:00:00",
"db": "CERT/CC",
"id": "VU#784980"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-7519"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"date": "2003-09-17T00:00:00",
"db": "BID",
"id": "8641"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"date": "2003-09-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"date": "2003-10-06T04:00:00",
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-29T00:00:00",
"db": "CERT/CC",
"id": "VU#784980"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-7519"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0694"
},
{
"date": "2009-07-11T23:56:00",
"db": "BID",
"id": "8641"
},
{
"date": "2007-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000278"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-019"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0694"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail prescan() buffer overflow vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#784980"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "8641"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-019"
}
],
"trust": 0.9
}
}
VAR-200303-0122
Vulnerability from variot - Updated: 2024-03-01 20:03Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. sendmail A buffer overflow vulnerability was discovered in message processing. The vulnerability could allow a third party to gain administrative privileges remotely. This problem, sendmail is caused by receiving a message with maliciously constructed header information. For this reason, LAN is running on a host installed within sendmail Even other MTA (Mail Transfer Agent) You may be affected by the vulnerability if you receive a malicious message relayed from .A third party may be able to remotely obtain administrator privileges. Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. Reportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. Sendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\% to 75\% of the total. Many UNIX and Linux workstations run Sendmail by default. When an email header contains an address or address list (eg \"From\", \"To\", \"CC\"), Sendmail will attempt to check whether the provided address or address list is valid. Sendmail does this using the crackaddr() function, which is located in the headers.c file in the Sendmail source tree. Sendmail will check this buffer and stop adding data to it if it is found to be full. Sendmail goes through several safety checks to ensure that characters are interpreted correctly. On most Unix or Linux systems, Sendmail runs as the root user. Because the attack code can be included in what appears to be a normal email message, it can easily penetrate many common packet filtering devices or firewalls without being detected. Successful exploitation of an unpatched sendmail system leaves no messages in the syslog. However, on patched systems, attempts to exploit this vulnerability leave the following log message: Dropped invalid comments from header address This vulnerability affects both the commercial and open source versions of Sendmail, and is also reported to have been tested in the lab environment has been successfully exploited
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200303-0122",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "9"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "2.6"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "gte",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.0"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "gte",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "5.0"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "4.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "alphaserver sc",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "bsdos",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "4.3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "7.0"
},
{
"model": "platform sa",
"scope": "eq",
"trust": 1.0,
"vendor": "windriver",
"version": "1.0"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.9,
"vendor": "hp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsd os",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group sco linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group sco unixware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "xerox",
"version": null
},
{
"model": "bsd/os",
"scope": null,
"trust": 0.8,
"vendor": "\u30d5\u30a9\u30a2 \u30c1\u30e5\u30fc\u30f3",
"version": null
},
{
"model": "ux4800\u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "sendmail",
"scope": null,
"trust": 0.8,
"vendor": "sendmail consortium",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "sun cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "systemwalker perfmgr",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "teamware office",
"scope": "eq",
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "sun cobalt raq3",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "sendmail switch",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "up-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "sun cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "interstage collaborationring pm",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "irix",
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": "netbsd",
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": "sun linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "turbolinux workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "unixware",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "interstage collaborationring tpm",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "sendmail pro",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "sendmail for nt",
"scope": null,
"trust": 0.8,
"vendor": "\u30bb\u30f3\u30c9\u30e1\u30fc\u30eb\u793e",
"version": null
},
{
"model": "turbolinux advanced server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "systemwalker it budgetmgr",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "apple mac os x",
"scope": null,
"trust": 0.8,
"vendor": "\u30a2\u30c3\u30d7\u30eb",
"version": null
},
{
"model": "aix",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": "hi-ux/we2",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u7acb",
"version": null
},
{
"model": "open unix",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "trendmicro interscan viruswall",
"scope": null,
"trust": 0.8,
"vendor": "\u30c8\u30ec\u30f3\u30c9\u30de\u30a4\u30af\u30ed",
"version": null
},
{
"model": "sun cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "internet navigware server",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "openlinux",
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "interstage office square",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "sun solaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "red hat linux advanced workstation",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "turbolinux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30bf\u30fc\u30dc\u30ea\u30ca\u30c3\u30af\u30b9",
"version": null
},
{
"model": "sun cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "red hat linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"model": "ews-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"model": "freebsd",
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "river systems platform sa",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "1.0"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "5.0"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "4.3.1"
},
{
"model": "river systems bsd/os",
"scope": "eq",
"trust": 0.3,
"vendor": "wind",
"version": "4.2"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "lx50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq xtr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "cobalt qube",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "3"
},
{
"model": "cobalt manageraq3 3000r-mr",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt cacheraq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "freeware",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "1.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "consortium sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "consortium sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.65"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.61"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "5.59"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.3"
},
{
"model": "unixware",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "7.1.1"
},
{
"model": "open unix",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "8.0"
},
{
"model": "z/os v1r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "z/os v1r2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "os/390 v2r8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "os/390 v2r10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mvs",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "5.0"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.7"
},
{
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "4.6"
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "inc sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "inc sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "inc sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "consortium sendmail switch",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "consortium sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail for nt",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "gnu/*/linux",
"scope": "ne",
"trust": 0.3,
"vendor": "openwall",
"version": "1.0"
},
{
"model": "networks junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"model": "networks junos",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": "5.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.11.6",
"versionStartIncluding": "8.10.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.9.3",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.12.8",
"versionStartIncluding": "8.12.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:hp:alphaserver_sc:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:platform_sa:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:windriver:bsdos:4.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:oracle:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ISS X-Force\u203b xforce@iss.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.6
},
"cve": "CVE-2002-1337",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2002-1337",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-5722",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-1337",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#398025",
"trust": 0.8,
"value": "66.00"
},
{
"author": "CNNVD",
"id": "CNNVD-200303-038",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-5722",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. sendmail A buffer overflow vulnerability was discovered in message processing. The vulnerability could allow a third party to gain administrative privileges remotely. This problem, sendmail is caused by receiving a message with maliciously constructed header information. For this reason, LAN is running on a host installed within sendmail Even other MTA (Mail Transfer Agent) You may be affected by the vulnerability if you receive a malicious message relayed from .A third party may be able to remotely obtain administrator privileges. Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. \nReportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. \nSendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\\\\% to 75\\\\% of the total. Many UNIX and Linux workstations run Sendmail by default. When an email header contains an address or address list (eg \\\"From\\\", \\\"To\\\", \\\"CC\\\"), Sendmail will attempt to check whether the provided address or address list is valid. Sendmail does this using the crackaddr() function, which is located in the headers.c file in the Sendmail source tree. Sendmail will check this buffer and stop adding data to it if it is found to be full. Sendmail goes through several safety checks to ensure that characters are interpreted correctly. On most Unix or Linux systems, Sendmail runs as the root user. Because the attack code can be included in what appears to be a normal email message, it can easily penetrate many common packet filtering devices or firewalls without being detected. Successful exploitation of an unpatched sendmail system leaves no messages in the syslog. However, on patched systems, attempts to exploit this vulnerability leave the following log message: Dropped invalid comments from header address This vulnerability affects both the commercial and open source versions of Sendmail, and is also reported to have been tested in the lab environment has been successfully exploited",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1337"
},
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "VULHUB",
"id": "VHN-5722"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5722",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5722"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1337",
"trust": 3.6
},
{
"db": "CERT/CC",
"id": "VU#398025",
"trust": 3.3
},
{
"db": "BID",
"id": "6991",
"trust": 2.8
},
{
"db": "XF",
"id": "10748",
"trust": 1.4
},
{
"db": "XF",
"id": "11653",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038",
"trust": 0.7
},
{
"db": "CALDERA",
"id": "CSSA-2003-SCO.5",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-SCO.6",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:074",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:073",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:227",
"trust": 0.6
},
{
"db": "HP",
"id": "HPSBUX0302-246",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030303 FWD: APPLE-SA-2003-03-03 SENDMAIL",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030304 [LSD] TECHNICAL ANALYSIS OF THE REMOTE SENDMAIL VULNERABILITY",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030304 GLSA: SENDMAIL (200303-4)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030303 SENDMAIL 8.12.8 AVAILABLE",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-07",
"trust": 0.6
},
{
"db": "OVAL",
"id": "OVAL:ORG.MITRE.OVAL:DEF:2222",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40500",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40502",
"trust": 0.6
},
{
"db": "AIXAPAR",
"id": "IY40501",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:571",
"trust": 0.6
},
{
"db": "MANDRAKE",
"id": "MDKSA-2003:028",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030301-01-P",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-257",
"trust": 0.6
},
{
"db": "ISS",
"id": "20030303 REMOTE SENDMAIL HEADER PROCESSING VULNERABILITY",
"trust": 0.6
},
{
"db": "NETBSD",
"id": "NETBSD-SA2003-002",
"trust": 0.6
},
{
"db": "SEEBUG",
"id": "SSVID-76118",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76119",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22314",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22313",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "411",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5722",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"id": "VAR-200303-0122",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5722"
}
],
"trust": 0.41392874999999996
},
"last_update_date": "2024-03-01T20:03:34.039000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HS03-001 Fujitsu CERT\u00a0Advisory information",
"trust": 0.8,
"url": "http://www.debian.org/security/2003/dsa-257"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.0
},
{
"problemtype": "Classic buffer overflow (CWE-120) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=21950"
},
{
"trust": 2.8,
"url": "http://www.sendmail.org/8.12.8.html"
},
{
"trust": 2.8,
"url": "http://www.cert.org/advisories/ca-2003-07.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/6991"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/398025"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40500\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40501\u0026apar=only"
},
{
"trust": 1.7,
"url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=iy40502\u0026apar=only"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/unixware/cssa-2003-sco.5"
},
{
"trust": 1.7,
"url": "ftp://ftp.sco.com/pub/updates/openserver/cssa-2003-sco.6"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000571"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2003/dsa-257"
},
{
"trust": 1.7,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2003:028"
},
{
"trust": 1.7,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2003-002.txt.asc"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-073.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-074.html"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2003-227.html"
},
{
"trust": 1.7,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030301-01-p"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10748.php"
},
{
"trust": 1.1,
"url": "http://www.sendmail.org"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a2222"
},
{
"trust": 0.8,
"url": "http://www.sendmail.com/security/"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.org/archive/1/313757/2003-03-01/2003-03-07/0"
},
{
"trust": 0.8,
"url": "http://www.nipc.gov/warnings/advisories/2003/03-004.htm"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-07"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-1337"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030002.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031001.txt"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030314_190827.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030305_170302.html"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20030303sendmail.html"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-048.shtml"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/sendmailheader_xforce.html"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/10748"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/11653"
},
{
"trust": 0.6,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51ab21-c0103500-17099-es-20030226.readme"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104679411316818\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678862409849\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678862109841\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104678739608479\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104673778105192\u0026w=2"
},
{
"trust": 0.6,
"url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:2222"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.0794.1"
},
{
"trust": 0.3,
"url": "http://www.slackware.org/lists/archive/viewer.php?l=slackware-security\u0026y=2003\u0026m=slackware-security.286398"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v4.0g/t64v40gb17-c0028100-16887-es-20030211.readme"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v4.0f/duv40fb18-c0092200-16888-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp1.support.compaq.com/public/unix/v5.0a/t64v50ab17-c0031300-16884-es-20030211.readme"
},
{
"trust": 0.3,
"url": "ftp://ftp1.support.compaq.com/public/unix/v5.1/t64v51b19-c0169100-16882-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51bb1-c0003900-16874-es-20030211.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/readmes/unix/t64v51b20-c0169800-16980-es-20030218.readme"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/51181"
},
{
"trust": 0.3,
"url": "http://www.sendmail.com"
},
{
"trust": 0.3,
"url": "/archive/1/313757"
},
{
"trust": 0.3,
"url": "/archive/1/313795"
},
{
"trust": 0.3,
"url": "/archive/1/313841"
},
{
"trust": 0.1,
"url": ""
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#398025"
},
{
"db": "VULHUB",
"id": "VHN-5722"
},
{
"db": "BID",
"id": "6991"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-03T00:00:00",
"db": "CERT/CC",
"id": "VU#398025"
},
{
"date": "2003-03-07T00:00:00",
"db": "VULHUB",
"id": "VHN-5722"
},
{
"date": "2003-03-02T00:00:00",
"db": "BID",
"id": "6991"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"date": "2003-03-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"date": "2003-03-07T05:00:00",
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-15T00:00:00",
"db": "CERT/CC",
"id": "VU#398025"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-5722"
},
{
"date": "2007-09-22T00:30:00",
"db": "BID",
"id": "6991"
},
{
"date": "2024-03-01T01:52:00",
"db": "JVNDB",
"id": "JVNDB-2003-000061"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200303-038"
},
{
"date": "2024-02-09T03:19:11.660000",
"db": "NVD",
"id": "CVE-2002-1337"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Remote Buffer Overflow in Sendmail",
"sources": [
{
"db": "CERT/CC",
"id": "VU#398025"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "6991"
},
{
"db": "CNNVD",
"id": "CNNVD-200303-038"
}
],
"trust": 0.9
}
}
VAR-200310-0080
Vulnerability from variot - Updated: 2023-12-18 12:59A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. This vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system.This vulnerability does not affect the default configuration. Note that Sendmail under a default configuration is not vulnerable to this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200310-0080",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.5"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.1"
},
{
"model": "server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "8.0"
},
{
"model": "workstation",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "7.0"
},
{
"model": "advanced server",
"scope": "eq",
"trust": 1.9,
"vendor": "turbolinux",
"version": "6.0"
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "sendmail",
"version": null
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.2"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.7"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.4.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "openbsd",
"version": "3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.6.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 1.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "0.5"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.1a"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "advanced message server",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.4"
},
{
"model": "pro",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.2.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.9"
},
{
"model": "cobalt qube3",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "linux 5.0",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "hp-ux b.11.23",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "nonstop-ux whitney",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "linux rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "linux rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.23"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5x86"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.2"
},
{
"model": "tru64 b pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "tru64 a pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.8"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "nonstop-ux puma",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "beta",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f pk8",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "cobalt raq",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.8.8"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sh3",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "inc sendmail advanced message server",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "1.3"
},
{
"model": "altavista firewall avfw98",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "linux a",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64 g pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.9"
},
{
"model": "linux rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "consortium sendmail",
"scope": "ne",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.10"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "altavista firewall raptor ec",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail pro",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#108964"
},
{
"db": "BID",
"id": "8649"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:advanced_message_server:1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_pro:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_advanced_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_server:6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x_server:10.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:turbolinux:turbolinux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0681"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery of this vulnerability has been credited to Timo Sirainen.",
"sources": [
{
"db": "BID",
"id": "8649"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
],
"trust": 0.9
},
"cve": "CVE-2003-0681",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2003-0681",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-7506",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0681",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#108964",
"trust": 0.8,
"value": "6.33"
},
{
"author": "CNNVD",
"id": "CNNVD-200310-016",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-7506",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0681",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#108964"
},
{
"db": "VULHUB",
"id": "VHN-7506"
},
{
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A \"potential buffer overflow in ruleset parsing\" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. This vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service on a vulnerable system.This vulnerability does not affect the default configuration. Note that Sendmail under a default configuration is not vulnerable to this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"db": "CERT/CC",
"id": "VU#108964"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"db": "BID",
"id": "8649"
},
{
"db": "VULHUB",
"id": "VHN-7506"
},
{
"db": "VULMON",
"id": "CVE-2003-0681"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-7506",
"trust": 0.1,
"type": "unknown"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=23154",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-7506"
},
{
"db": "VULMON",
"id": "CVE-2003-0681"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2003-0681",
"trust": 2.9
},
{
"db": "CERT/CC",
"id": "VU#108964",
"trust": 2.8
},
{
"db": "BID",
"id": "8649",
"trust": 2.3
},
{
"db": "XF",
"id": "13216",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "23154",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-76930",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-7506",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0681",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#108964"
},
{
"db": "VULHUB",
"id": "VHN-7506"
},
{
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"db": "BID",
"id": "8649"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
]
},
"id": "VAR-200310-0080",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-7506"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:59:39.504000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00281",
"trust": 0.8,
"url": "http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?lang=en\u0026cc=us\u0026objectid=c01035741"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2003-283.html"
},
{
"title": "8.12.10",
"trust": 0.8,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"title": "57573",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57573-1"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-1"
},
{
"title": "57573",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-57573-3"
},
{
"title": "56922",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-56922-3"
},
{
"title": "4 Sendmail Security Update 2.0.2",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-52.txt"
},
{
"title": "RHSA-2003:283",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-283j.html"
},
{
"title": "TLSA-2003-52",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-52j.txt"
},
{
"title": "Debian Security Advisories: DSA-384-1 sendmail -- buffer overflows",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=243b978e3f17d13dd590ac7cfc4a472f"
},
{
"title": "x0rzEQGRP",
"trust": 0.1,
"url": "https://github.com/happysmack/x0rzeqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/nekkidso/eqgrp "
},
{
"title": "test",
"trust": 0.1,
"url": "https://github.com/devkosov/test "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ninja-tw1st/eqgrp "
},
{
"title": "leaked2",
"trust": 0.1,
"url": "https://github.com/kongjiexi/leaked2 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/391861737/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/muhammd/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/r3k1ng/shadowbrokersfiles "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/ckmaenn/eqgrp "
},
{
"title": "EQGRP_Linux",
"trust": 0.1,
"url": "https://github.com/cybernetix-s3c/eqgrp_linux "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/iha114/eqgrp "
},
{
"title": "ShadowBrokersFiles",
"trust": 0.1,
"url": "https://github.com/antiscammerarmy/shadowbrokersfiles "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/thetrentusdev/shadowbrokerstuff "
},
{
"title": "bdhglopoj",
"trust": 0.1,
"url": "https://github.com/maxcvnd/bdhglopoj "
},
{
"title": "shadowbrokerstuff",
"trust": 0.1,
"url": "https://github.com/shakenetwork/shadowbrokerstuff "
},
{
"title": "x0rz-EQGRP",
"trust": 0.1,
"url": "https://github.com/r3p3r/x0rz-eqgrp "
},
{
"title": "ShadowBrokersStuff",
"trust": 0.1,
"url": "https://github.com/thetrentus/shadowbrokersstuff "
},
{
"title": "EQ1",
"trust": 0.1,
"url": "https://github.com/thepevertedspartan/eq1 "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/badbug6/eqgrp "
},
{
"title": "EQGRP-nasa",
"trust": 0.1,
"url": "https://github.com/soldie/eqgrp-nasa "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/mofty/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/thetrentus/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/namangangwar/eqgrp "
},
{
"title": "EQGRP",
"trust": 0.1,
"url": "https://github.com/x0rz/eqgrp "
},
{
"title": "SB--.-HACK-the-EQGRP-1",
"trust": 0.1,
"url": "https://github.com/cipherreborn/sb--.-hack-the-eqgrp-1 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0681"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.securityfocus.com/bid/8649"
},
{
"trust": 2.0,
"url": "http://www.kb.cert.org/vuls/id/108964"
},
{
"trust": 1.5,
"url": "http://www.sendmail.org/8.12.10.html"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2003/dsa-384"
},
{
"trust": 1.2,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2003:092"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a3606"
},
{
"trust": 1.2,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a595"
},
{
"trust": 1.2,
"url": "http://www.redhat.com/support/errata/rhsa-2003-283.html"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13216"
},
{
"trust": 1.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000742"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106383437615742\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=106398718909274\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.sendmail.com"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0681"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/13216"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0681"
},
{
"trust": 0.3,
"url": "http://distro.conectiva.com.br/atualizacoes/index.php?id=a\u0026anuncio=000746"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f56922"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57573"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/qube3.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106383437615742\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=106398718909274\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000742"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/23154/"
},
{
"trust": 0.1,
"url": "https://github.com/hackcrypto/eqgrp"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-384"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#108964"
},
{
"db": "VULHUB",
"id": "VHN-7506"
},
{
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"db": "BID",
"id": "8649"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"db": "NVD",
"id": "CVE-2003-0681"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#108964"
},
{
"db": "VULHUB",
"id": "VHN-7506"
},
{
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"db": "BID",
"id": "8649"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-18T00:00:00",
"db": "CERT/CC",
"id": "VU#108964"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULHUB",
"id": "VHN-7506"
},
{
"date": "2003-10-06T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"date": "2003-09-17T00:00:00",
"db": "BID",
"id": "8649"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"date": "2003-10-06T04:00:00",
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"date": "2003-10-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-18T00:00:00",
"db": "CERT/CC",
"id": "VU#108964"
},
{
"date": "2018-05-03T00:00:00",
"db": "VULHUB",
"id": "VHN-7506"
},
{
"date": "2018-05-03T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0681"
},
{
"date": "2007-09-22T00:30:00",
"db": "BID",
"id": "8649"
},
{
"date": "2007-08-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000277"
},
{
"date": "2018-05-03T01:29:21.663000",
"db": "NVD",
"id": "CVE-2003-0681"
},
{
"date": "2006-08-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail Ruleset Parsing Buffer Overflow Vulnerability",
"sources": [
{
"db": "BID",
"id": "8649"
},
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200310-016"
}
],
"trust": 0.6
}
}
VAR-200304-0013
Vulnerability from variot - Updated: 2023-12-18 11:16The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Sendmail contains a buffer overflow in code that parses email addresses. A remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. The flaw is present in the 'prescan()' procedure, which is used for processing email addresses in SMTP headers. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. Sendmail is one of the most popular MTAs. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\% to 75\% of the total. Many UNIX and Linux workstations run Sendmail by default. This vulnerability exists in the prescan() process. The vulnerability is for messages, not connections. This means that the vulnerability is triggered by the content of a specially crafted email message, rather than by lower-level network communications. This is important because a non-vulnerable MTA can send malicious messages along with other protected MTAs in the network. In other words, even if the software used by the boundary MTA of the site is not sendmail, the sendmail service program with loopholes inside the network is still threatened. Messages that exploit this vulnerability can also pass through many common packet filters or firewalls undetected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0013",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "switch",
"scope": "eq",
"trust": 1.8,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.6,
"vendor": "hp",
"version": "10.24"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.6,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.01"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.34"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.0.4"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.30"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.11"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.6"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.26"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.16"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "11.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.5"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.3,
"vendor": "sun",
"version": "2.4"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.2"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "4.3"
},
{
"model": "aix",
"scope": "eq",
"trust": 1.1,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk3_bl3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk6_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk2_bl2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": null
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d_pk9_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk5_bl19"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0f"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f_pk7_bl18"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0f"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk4_bl18"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "11.00"
},
{
"model": "hp-ux series 700",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.20"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b_pk1_bl1"
},
{
"model": "sis",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "*"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0a"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0a_pk3_bl17"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.8"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "9.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g_pk3_bl17"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0_pk4_bl18"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "solaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "8.0"
},
{
"model": "hp-ux series 800",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.5.1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.00"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0d"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.7"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a_pk1_bl1"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0g"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.08"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.0_pk4_bl17"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk6_bl20"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.0"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1_pk3_bl17"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "5.1a"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "sunos",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "5.4"
},
{
"model": "switch",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 1.0,
"vendor": "hp",
"version": "10.09"
},
{
"model": "tru64",
"scope": "eq",
"trust": 1.0,
"vendor": "compaq",
"version": "4.0b"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "sendmail",
"scope": "eq",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple computer",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "freebsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fujitsu",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mirapoint",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sgi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sequent ibm",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "slackware",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sendmail consortium",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wind river",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "wirex",
"version": null
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.11.6"
},
{
"model": "sendmail",
"scope": "lte",
"trust": 0.8,
"vendor": "sendmail consortium",
"version": "8.12.8"
},
{
"model": "cobalt raq4",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raq550",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "cobalt raqxtr",
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "2.6 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "7.0 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "8 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "advanced message server",
"scope": null,
"trust": 0.8,
"vendor": "sendmail",
"version": null
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.1.x"
},
{
"model": "switch",
"scope": "eq",
"trust": 0.8,
"vendor": "sendmail",
"version": "2.2.x"
},
{
"model": "turbolinux advanced server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.1"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.5"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux server",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "6.0"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "7"
},
{
"model": "turbolinux workstation",
"scope": "eq",
"trust": 0.8,
"vendor": "turbo linux",
"version": "8"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.10"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "10.20"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.22"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "6.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "9"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.6,
"vendor": "hp",
"version": "11.04"
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.6,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "hp-ux sis",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20"
},
{
"model": "z/os v1r4",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tru64 pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.16"
},
{
"model": "os/390 v2r6",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "tru64 f pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.0"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.6"
},
{
"model": "consortium sendmail beta10",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.2"
},
{
"model": "tru64 pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "nonstop-ux whitney",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "hp-ux b.11.22",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.0"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.2"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.0"
},
{
"model": "z/os",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.3"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.7"
},
{
"model": "os/390 v2r9",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.5"
},
{
"model": "solaris x86",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.2"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "7.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.3"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.9"
},
{
"model": "hp-ux series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20700"
},
{
"model": "advanced workstation for the itanium processor",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "z/os v1r2",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "consortium sendmail beta5",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.6"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.5"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"model": "tru64 g pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 d pk9",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail beta16",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "os/390 v2r8",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "solaris 2.6 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hp-ux b.11.04",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "aix l",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.1"
},
{
"model": "solaris 2.4 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "cobalt raq 4100r",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "550"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.4"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.8"
},
{
"model": "tru64 d",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.8"
},
{
"model": "tru64 g",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "nonstop-ux puma",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.2"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "9"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.18"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.8"
},
{
"model": "tru64 f pk7",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.9"
},
{
"model": "openlinux server",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.1.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.2"
},
{
"model": "tru64 pk6",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.4"
},
{
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.5"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.2"
},
{
"model": "cobalt qube3 4000wg",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.8"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.5"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0.1"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.3"
},
{
"model": "consortium sendmail beta12",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "os/390 v2r10",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.13"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.2"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.14"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.3"
},
{
"model": "mpe/ix",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "6.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.3"
},
{
"model": "altavista firewall avfw98",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "tru64 b pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "tru64 a pk1",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.4"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.9"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.7"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.1"
},
{
"model": "solaris 2.5 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.4"
},
{
"model": "openlinux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "sco",
"version": "3.1.1"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "11.0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5"
},
{
"model": "internet express",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"model": "consortium sendmail beta7",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12"
},
{
"model": "hp-ux b.11.11",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.5"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.1"
},
{
"model": "tru64 a pk4",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.1"
},
{
"model": "tru64 a pk2",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "3.0"
},
{
"model": "hp-ux b.11.00",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.15"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.10"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.2.5"
},
{
"model": "solaris 7.0 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "5.0"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.12.3"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.4"
},
{
"model": "solaris 9 x86 update",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2"
},
{
"model": "lx50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.0"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.6"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.3"
},
{
"model": "tru64 a",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "alphaserver sc",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"model": "irix",
"scope": "ne",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.20"
},
{
"model": "tru64 pk5",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "1.5.1"
},
{
"model": "tru64 f",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "4.0"
},
{
"model": "inc sendmail switch",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.1.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.2"
},
{
"model": "tru64 b",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.12"
},
{
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.9.1"
},
{
"model": "solaris ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "2.5.1"
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.11.2"
},
{
"model": "hp-ux series",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "10.20800"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6"
},
{
"model": "inc sendmail for nt",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "2.6.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.17"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.2.3"
},
{
"model": "tru64 a pk3",
"scope": "eq",
"trust": 0.3,
"vendor": "compaq",
"version": "5.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.19"
},
{
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "4.3.1"
},
{
"model": "irix",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "6.5.2"
},
{
"model": "mvs",
"scope": null,
"trust": 0.3,
"vendor": "ibm",
"version": null
},
{
"model": "cobalt raq4 3001r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "consortium sendmail",
"scope": "eq",
"trust": 0.3,
"vendor": "sendmail",
"version": "8.10.1"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2.1"
},
{
"model": "cobalt raq xtr 3500r",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"model": "altavista firewall raptor ec",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@dione.ids.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.6
},
"cve": "CVE-2003-0161",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2003-0161",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-6991",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-0161",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#897604",
"trust": 0.8,
"value": "67.20"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-025",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-6991",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2003-0161",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. Sendmail contains a buffer overflow in code that parses email addresses. A remote attacker could execute arbitrary code or cause a denial of service on a vulnerable system. The flaw is present in the \u0027prescan()\u0027 procedure, which is used for processing email addresses in SMTP headers. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9. Most organizations have various mail transfer agents (MTAs) at various locations within their network, at least one of which is directly connected to the Internet. Sendmail is one of the most popular MTAs. According to statistics, Internet mail traffic handled by Sendmail accounts for 50\\\\% to 75\\\\% of the total. Many UNIX and Linux workstations run Sendmail by default. This vulnerability exists in the prescan() process. The vulnerability is for messages, not connections. This means that the vulnerability is triggered by the content of a specially crafted email message, rather than by lower-level network communications. This is important because a non-vulnerable MTA can send malicious messages along with other protected MTAs in the network. In other words, even if the software used by the boundary MTA of the site is not sendmail, the sendmail service program with loopholes inside the network is still threatened. Messages that exploit this vulnerability can also pass through many common packet filters or firewalls undetected",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=24",
"trust": 0.2,
"type": "exploit"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-6991",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#897604",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2003-0161",
"trust": 2.9
},
{
"db": "BID",
"id": "7230",
"trust": 2.9
},
{
"db": "XF",
"id": "11653",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025",
"trust": 0.7
},
{
"db": "REDHAT",
"id": "RHSA-2003:121",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2003:120",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-278",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-290",
"trust": 0.6
},
{
"db": "SCO",
"id": "SCOSA-2004.11",
"trust": 0.6
},
{
"db": "IMMUNIX",
"id": "IMNX-2003-7+-002-01",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "52620",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "52700",
"trust": 0.6
},
{
"db": "SUNALERT",
"id": "1001088",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030329 SENDMAIL 8.12.9 AVAILABLE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030520 [FWD: 127 RESEARCH AND DEVELOPMENT: 127 DAY!]",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030331 GLSA: SENDMAIL (200303-27)",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030329 SENDMAIL: -1 GONE WILD",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20030330 [OPENPKG-SA-2003.027] OPENPKG SECURITY ADVISORY (SENDMAIL)",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20030329 SENDMAIL: -1 GONE WILD",
"trust": 0.6
},
{
"db": "CERT/CC",
"id": "CA-2003-12",
"trust": 0.6
},
{
"db": "CONECTIVA",
"id": "CLA-2003:614",
"trust": 0.6
},
{
"db": "SGI",
"id": "20030401-01-P",
"trust": 0.6
},
{
"db": "CALDERA",
"id": "CSSA-2003-016.0",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200303-27",
"trust": 0.6
},
{
"db": "FREEBSD",
"id": "FREEBSD-SA-03:07",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "24",
"trust": 0.2
},
{
"db": "SEEBUG",
"id": "SSVID-15232",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-62723",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-76244",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "22442",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-6991",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2003-0161",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"id": "VAR-200304-0013",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6991"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:16:12.729000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HPSBUX00253",
"trust": 0.8,
"url": "http://www1.itrc.hp.com/service/cki/docdisplay.do?docid=c00958571"
},
{
"title": "HPSBUX0304-253",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux0304-253.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ibm.com/jp/"
},
{
"title": "RHSA-2003:120",
"trust": 0.8,
"url": "http://rhn.redhat.com/errata/rhsa-2003-120.html"
},
{
"title": "sendmail 8.12.9 available",
"trust": 0.8,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"title": "52620",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"title": "52700",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"title": "52700",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-3"
},
{
"title": "52620",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-3"
},
{
"title": "4 Sendmail Security Update 2.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq4.eng\u0026amp;nav=patchpage"
},
{
"title": "XTR Sendmail Security Update 1.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026amp;nav=patchpage"
},
{
"title": "550 Sendmail Security Update 0.0.1",
"trust": 0.8,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raq550.eng\u0026amp;nav=patchpage"
},
{
"title": "TLSA-2003-24",
"trust": 0.8,
"url": "http://www.turbolinux.com/security/2003/tlsa-2003-24.txt"
},
{
"title": "Sendmail Inc. Information for VU#897604",
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/aamn-5kuutz"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sendmail.co.jp/"
},
{
"title": "RHSA-2003:120",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2003-120j.html"
},
{
"title": "TLSA-2003-24",
"trust": 0.8,
"url": "http://www.turbolinux.co.jp/security/2003/tlsa-2003-24j.txt"
},
{
"title": "Debian Security Advisories: DSA-290-1 sendmail-wide -- char-to-int conversion",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=8086c3d7d3014252ce37b8626383010c"
},
{
"title": "cumes",
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-0161"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/897604"
},
{
"trust": 2.7,
"url": "http://www.securityfocus.com/bid/7230"
},
{
"trust": 2.6,
"url": "http://www.cert.org/advisories/ca-2003-12.html"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"trust": 1.8,
"url": "ftp://ftp.caldera.com/pub/security/openlinux/cssa-2003-016.0.txt"
},
{
"trust": 1.8,
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"trust": 1.8,
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"trust": 1.8,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-03:07.sendmail.asc"
},
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-march/004295.html"
},
{
"trust": 1.8,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-120.html"
},
{
"trust": 1.8,
"url": "http://www.redhat.com/support/errata/rhsa-2003-121.html"
},
{
"trust": 1.8,
"url": "ftp://ftp.sco.com/pub/updates/openserver/scosa-2004.11/scosa-2004.11.txt"
},
{
"trust": 1.8,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-p"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"trust": 1.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"trust": 1.7,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/archive/1/archive/1/317135/30/25220/threaded"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/316773/2003-03-28/2003-04-03/0"
},
{
"trust": 0.8,
"url": "http://www.iss.net/issen/delivery/xforce/alertdetail.jsp?oid=22127"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/secure-install.html"
},
{
"trust": 0.8,
"url": "http://www.sendmail.org/ftp/release_notes"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2047.txt"
},
{
"trust": 0.8,
"url": "http://www.ciac.org/ciac/bulletins/n-067.shtml"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2003-0161"
},
{
"trust": 0.8,
"url": "http://www.ipa.go.jp/security/ciadr/20030331sendmail.html"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031401.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031501.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/wr/2003/wr031301.txt"
},
{
"trust": 0.8,
"url": "http://www.jpcert.or.jp/at/2003/at030004.txt"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-12"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnca-2003-07/index.html"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2003-0161"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/11653"
},
{
"trust": 0.8,
"url": "http://www.isskk.co.jp/support/techinfo/general/sendmail033103_xforce.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030330_153031.html"
},
{
"trust": 0.8,
"url": "http://www.cyberpolice.go.jp/important/20030506_122656.html"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/316961/30/25250/threaded"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f52620"
},
{
"trust": 0.3,
"url": "http://www.info.apple.com/usen/security/security_updates.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/services/continuity/recover1.nsf/mss/mss-oar-e01-2003.0793.1"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/show.pl?target=cobalt/raqxtr.eng\u0026nav=patchpage"
},
{
"trust": 0.3,
"url": "http://rhn.redhat.com/errata/rhsa-2003-121.html"
},
{
"trust": 0.3,
"url": "http://www.sendmail.org/"
},
{
"trust": 0.3,
"url": "http://www.sotlinux.org/en/sotlinux/sa/2003/2003-0019.php"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0f/duv40fb18-c0093400-17811-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1a/t64v51ab21-c0112900-17770-es-20030402.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1b/t64v51bb1-c0008000-17812-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v5.1/t64v51b20-c0176700-17773-es-20030402.readme"
},
{
"trust": 0.3,
"url": "http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64v40gb17-c0029200-17810-es-20030403.readme"
},
{
"trust": 0.3,
"url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2f52700\u0026zone_32=category%3asecurity"
},
{
"trust": 0.3,
"url": "/archive/1/321997"
},
{
"trust": 0.3,
"url": "/archive/1/316760"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104897487512238\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104896621106790\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=104914999806315\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000614"
},
{
"trust": 0.1,
"url": ""
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-290"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/24/"
},
{
"trust": 0.1,
"url": "https://github.com/byte-mug/cumes"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#897604"
},
{
"db": "VULHUB",
"id": "VHN-6991"
},
{
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"db": "BID",
"id": "7230"
},
{
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-03-29T00:00:00",
"db": "CERT/CC",
"id": "VU#897604"
},
{
"date": "2003-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-6991"
},
{
"date": "2003-04-02T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"date": "2003-03-29T00:00:00",
"db": "BID",
"id": "7230"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"date": "2003-04-02T05:00:00",
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"date": "2003-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-09-25T00:00:00",
"db": "CERT/CC",
"id": "VU#897604"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-6991"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2003-0161"
},
{
"date": "2007-09-21T23:40:00",
"db": "BID",
"id": "7230"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2003-000101"
},
{
"date": "2018-10-30T16:26:22.763000",
"db": "NVD",
"id": "CVE-2003-0161"
},
{
"date": "2010-02-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sendmail address parsing buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#897604"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "7230"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-025"
}
],
"trust": 0.9
}
}
VAR-202107-1672
Vulnerability from variot - Updated: 2023-12-18 10:58ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. F5 Networks of nginx Products from other vendors contain vulnerabilities related to certificate validation.Information may be obtained and information may be tampered with. (CVE-2020-11724). ========================================================================== Ubuntu Security Notice USN-5371-2 April 28, 2022
nginx vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
Summary:
nginx could be made to redirect network traffic.
Software Description: - nginx: small, powerful, scalable web/proxy server
Details:
USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11724)
It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-36309)
It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. (CVE-2021-3618)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: nginx-core 1.18.0-6ubuntu14.1 nginx-extras 1.18.0-6ubuntu14.1 nginx-light 1.18.0-6ubuntu14.1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5371-2 https://ubuntu.com/security/notices/USN-5371-1 CVE-2021-3618
Package Information: https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202107-1672",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vsftpd",
"scope": "lt",
"trust": 1.0,
"vendor": "vsftpd",
"version": "3.0.4"
},
{
"model": "sendmail",
"scope": "lt",
"trust": 1.0,
"vendor": "sendmail",
"version": "8.17"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "33"
},
{
"model": "nginx",
"scope": "lt",
"trust": 1.0,
"vendor": "f5",
"version": "1.21.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "10.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "35"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "34"
},
{
"model": "vsftpd",
"scope": null,
"trust": 0.8,
"vendor": "vsftpd",
"version": null
},
{
"model": "nginx",
"scope": null,
"trust": 0.8,
"vendor": "f5",
"version": null
},
{
"model": "fedora",
"scope": null,
"trust": 0.8,
"vendor": "fedora",
"version": null
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "sendmail",
"scope": null,
"trust": 0.8,
"vendor": "sendmail consortium",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "NVD",
"id": "CVE-2021-3618"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.17",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vsftpd_project:vsftpd:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.4",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3618"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "166709"
},
{
"db": "PACKETSTORM",
"id": "168672"
},
{
"db": "PACKETSTORM",
"id": "166888"
},
{
"db": "PACKETSTORM",
"id": "174729"
}
],
"trust": 0.4
},
"cve": "CVE-2021-3618",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2021-3618",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-395783",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.4,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2021-3618",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2021-3618",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202107-216",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-395783",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2021-3618",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-395783"
},
{
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim\u0027s traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. F5 Networks of nginx Products from other vendors contain vulnerabilities related to certificate validation.Information may be obtained and information may be tampered with. (CVE-2020-11724). ==========================================================================\nUbuntu Security Notice USN-5371-2\nApril 28, 2022\n\nnginx vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 22.04 LTS\n\nSummary:\n\nnginx could be made to redirect network traffic. \n\nSoftware Description:\n- nginx: small, powerful, scalable web/proxy server\n\nDetails:\n\nUSN-5371-1 fixed several vulnerabilities in nginx. \nThis update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS. \n\nOriginal advisory details:\n\n It was discovered that nginx Lua module mishandled certain inputs. \n An attacker could possibly use this issue to perform an HTTP Request\n Smuggling attack. This issue only affects Ubuntu 18.04 LTS and\n Ubuntu 20.04 LTS. (CVE-2020-11724)\n\n It was discovered that nginx Lua module mishandled certain inputs. \n An attacker could possibly use this issue to disclose sensitive\n information. This issue only affects Ubuntu 18.04 LTS and\n Ubuntu 20.04 LTS. (CVE-2020-36309)\n\n It was discovered that nginx mishandled the use of\n compatible certificates among multiple encryption protocols. \n (CVE-2021-3618)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 22.04 LTS:\n nginx-core 1.18.0-6ubuntu14.1\n nginx-extras 1.18.0-6ubuntu14.1\n nginx-light 1.18.0-6ubuntu14.1\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-5371-2\n https://ubuntu.com/security/notices/USN-5371-1\n CVE-2021-3618\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "VULHUB",
"id": "VHN-395783"
},
{
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"db": "PACKETSTORM",
"id": "166709"
},
{
"db": "PACKETSTORM",
"id": "168672"
},
{
"db": "PACKETSTORM",
"id": "166888"
},
{
"db": "PACKETSTORM",
"id": "174729"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2021-3618",
"trust": 3.8
},
{
"db": "PACKETSTORM",
"id": "168672",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "166709",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "166888",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2022.6109",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.1628",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.6139",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022042817",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022010906",
"trust": 0.6
},
{
"db": "CS-HELP",
"id": "SB2022041422",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-395783",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2021-3618",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "174729",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-395783"
},
{
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "PACKETSTORM",
"id": "166709"
},
{
"db": "PACKETSTORM",
"id": "168672"
},
{
"db": "PACKETSTORM",
"id": "166888"
},
{
"db": "PACKETSTORM",
"id": "174729"
},
{
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"id": "VAR-202107-1672",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-395783"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:58:31.706000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"title": "nginx Security vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=155955"
},
{
"title": "Ubuntu Security Notice: USN-5371-3: nginx vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5371-3"
},
{
"title": "Debian CVElist Bug Report Logs: nginx: CVE-2021-3618",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=ef1074892d0995f0a511641c443018df"
},
{
"title": "Ubuntu Security Notice: USN-5371-2: nginx vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5371-2"
},
{
"title": "Ubuntu Security Notice: USN-5371-1: nginx vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-5371-1"
},
{
"title": "Amazon Linux 2: ALASNGINX1-2023-002",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alasnginx1-2023-002"
},
{
"title": "Red Hat: CVE-2021-3618",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2021-3618"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2021-3618 log"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-172",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-172"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-132",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-132"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-171",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-171"
},
{
"title": "Amazon Linux 2022: ALAS2022-2022-136",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2022\u0026qid=alas2022-2022-136"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2021-3618 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.1
},
{
"problemtype": "Illegal certificate verification (CWE-295) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-395783"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "NVD",
"id": "CVE-2021-3618"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://alpaca-attack.com/"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"trust": 1.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2021-3618"
},
{
"trust": 0.6,
"url": "https://ubuntu.com/security/cve-2021-3618"
},
{
"trust": 0.6,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991329"
},
{
"trust": 0.6,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991328"
},
{
"trust": 0.6,
"url": "https://github.com/nginx/nginx/commit/173f16f736c10eae46cd15dd861b04b82d91a37a"
},
{
"trust": 0.6,
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991331"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022010906"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6489853"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022041422"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/nginx-man-in-the-middle-via-the-tls-extension-alpn-35818"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/168672/ubuntu-security-notice-usn-5371-3.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6514817"
},
{
"trust": 0.6,
"url": "https://cxsecurity.com/cveshow/cve-2021-3618/"
},
{
"trust": 0.6,
"url": "https://www.cybersecurity-help.cz/vdb/sb2022042817"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166709/ubuntu-security-notice-usn-5371-1.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.1628"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6109"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/166888/ubuntu-security-notice-usn-5371-2.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.6139"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-36309"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-11724"
},
{
"trust": 0.3,
"url": "https://ubuntu.com/security/notices/usn-5371-1"
},
{
"trust": 0.2,
"url": "https://ubuntu.com/security/notices/usn-5371-3"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/295.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2021-3618"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nginx/1.18.0-0ubuntu1.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu11.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nginx/1.14.0-0ubuntu1.10"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/nginx/1.18.0-6ubuntu14.1"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-5371-2"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6379-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/vsftpd/3.0.5-0ubuntu0.20.04.1"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-395783"
},
{
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "PACKETSTORM",
"id": "166709"
},
{
"db": "PACKETSTORM",
"id": "168672"
},
{
"db": "PACKETSTORM",
"id": "166888"
},
{
"db": "PACKETSTORM",
"id": "174729"
},
{
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-395783"
},
{
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"db": "PACKETSTORM",
"id": "166709"
},
{
"db": "PACKETSTORM",
"id": "168672"
},
{
"db": "PACKETSTORM",
"id": "166888"
},
{
"db": "PACKETSTORM",
"id": "174729"
},
{
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-395783"
},
{
"date": "2022-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"date": "2023-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"date": "2022-04-13T15:03:13",
"db": "PACKETSTORM",
"id": "166709"
},
{
"date": "2022-10-10T16:13:35",
"db": "PACKETSTORM",
"id": "168672"
},
{
"date": "2022-04-28T15:18:16",
"db": "PACKETSTORM",
"id": "166888"
},
{
"date": "2023-09-19T15:23:43",
"db": "PACKETSTORM",
"id": "174729"
},
{
"date": "2022-03-23T20:15:09.833000",
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"date": "2021-07-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-395783"
},
{
"date": "2023-02-09T00:00:00",
"db": "VULMON",
"id": "CVE-2021-3618"
},
{
"date": "2023-08-10T07:42:00",
"db": "JVNDB",
"id": "JVNDB-2021-019676"
},
{
"date": "2023-02-09T02:03:34.457000",
"db": "NVD",
"id": "CVE-2021-3618"
},
{
"date": "2023-05-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "168672"
},
{
"db": "PACKETSTORM",
"id": "174729"
},
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F5\u00a0Networks\u00a0 of \u00a0nginx\u00a0 Vulnerability related to certificate verification in products of multiple vendors",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-019676"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202107-216"
}
],
"trust": 0.6
}
}
FKIE_CVE-2023-51765
Vulnerability from fkie_nvd - Published: 2023-12-24 06:15 - Updated: 2024-11-21 08:38
Severity ?
Summary
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sendmail | sendmail | * | |
| freebsd | freebsd | * | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEE597E4-93EE-4D07-8698-5F43E45BCB37",
"versionEndExcluding": "8.18.0.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57DF1BC-3B6C-419A-9355-BC20E1D95347",
"versionEndExcluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with \u0027o\u0027 in srv_features."
},
{
"lang": "es",
"value": "sendmail hasta al menos 8.14.7 permite el contrabando SMTP en ciertas configuraciones. Los atacantes remotos pueden utilizar una t\u00e9cnica de explotaci\u00f3n publicada para inyectar mensajes de correo electr\u00f3nico que parecen originarse en el servidor sendmail, lo que permite omitir un mecanismo de protecci\u00f3n SPF. Esto ocurre porque sendmail admite . pero algunos otros servidores de correo electr\u00f3nico populares no lo hacen."
}
],
"id": "CVE-2023-51765",
"lastModified": "2024-11-21T08:38:44.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-12-24T06:15:07.527",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51765"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "https://lwn.net/Articles/956533/"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/22/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lwn.net/Articles/956533/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description",
"Third Party Advisory"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/22/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-3618
Vulnerability from fkie_nvd - Published: 2022-03-23 20:15 - Updated: 2024-11-21 06:21
Severity ?
Summary
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://alpaca-attack.com/ | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1975623 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://alpaca-attack.com/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1975623 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f5 | nginx | * | |
| sendmail | sendmail | * | |
| vsftpd_project | vsftpd | * | |
| fedoraproject | fedora | 33 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "777D8DB3-65CF-4A12-BCCE-30849CE07762",
"versionEndExcluding": "1.21.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E5DF525-823F-49D0-BDD2-6BCE5EE0F66B",
"versionEndExcluding": "8.17",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vsftpd_project:vsftpd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA84E5A7-7557-4805-902B-E8069F5F4091",
"versionEndExcluding": "3.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim\u0027s traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer."
},
{
"lang": "es",
"value": "ALPACA es un ataque de confusi\u00f3n de contenido de protocolo de capa de aplicaci\u00f3n, que explota servidores TLS que implementan diferentes protocolos pero que usan certificados compatibles, como certificados multidominio o comod\u00edn. Un atacante de tipo MiTM que tenga acceso al tr\u00e1fico de la v\u00edctima en la capa TCP/IP puede redirigir el tr\u00e1fico de un subdominio a otro, resultando en a una sesi\u00f3n TLS v\u00e1lida. Esto rompe la autenticaci\u00f3n de TLS y pueden ser posibles los ataques entre protocolos donde el comportamiento de un servicio de protocolo puede comprometer al otro en la capa de aplicaci\u00f3n"
}
],
"id": "CVE-2021-3618",
"lastModified": "2024-11-21T06:21:59.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-23T20:15:09.833",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://alpaca-attack.com/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://alpaca-attack.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2014-3956
Vulnerability from fkie_nvd - Published: 2014-06-04 11:19 - Updated: 2025-04-12 10:46
Severity ?
Summary
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:*:-:*:*:*:*:*:*",
"matchCriteriaId": "44FCDBFD-B421-4036-855F-6BF8E48EC0AD",
"versionEndIncluding": "9.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:hpux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8071C5-90A4-4CB8-B31F-1B87371BC64D",
"versionEndIncluding": "b.11.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
"matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "924C5EF1-114D-439C-B52E-A05FDB0E0781",
"versionEndIncluding": "8.14.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBEEC1F-8382-4FEE-9F7F-60A8D9494DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3A34E836-DFF7-404B-9F49-C56DCD81DB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "624CA3E0-1D02-43C8-9BE2-CDB3651D153F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0006A6D0-E3E5-447E-ABCF-6D6E741ADC06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "85996153-65D0-4697-A01B-F6174CE5B4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "855476CC-21EA-4037-91B7-7B9AAE9E7F82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC773E5-84D2-4084-80DA-EE8423C4925B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B754AD41-90A0-4382-B599-E41289C690A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7125C4-64AF-4A3B-BBD6-1A56660A2D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83AE5BA5-09FF-4AF8-B4E8-4D372A208E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E0D099-C149-4923-A06C-200A23CEA943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01B75BCD-9187-4DB0-903D-5F73429AEE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7DB5E2A-0E79-45DF-BD85-FD216A970771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D20FAC60-445E-4847-B5DE-8ACDDA55E1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9962F81C-A08C-4F8E-A07C-4F4B5C441EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A38C234D-EF75-4A96-A0FD-E1DDDADAC1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED21E7-6DBC-4846-BF52-FE11A3D8A361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD501A5A-E602-4847-8178-E9CC289AD41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F08976CF-8F2A-449C-B3FA-E1F8EF412159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AE65E183-EEC2-48B7-A82E-F8363EB643EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB6F10A-3852-40FB-B91B-6E194E09BCEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "907E2087-95B8-4A4A-96DC-717D7B17CA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BA6C7CBC-44B0-494C-8F75-150EB2BCA4E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C648B8B8-735D-4A99-A8FF-6CC015EA6DA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.5:*:*:*:*:*:*:*",
"matchCriteriaId": "53592C7D-545D-4E3A-B585-530D6C1CF2FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.6:*:*:*:*:*:*:*",
"matchCriteriaId": "13A9F448-4D14-4631-8523-5FE58D13858E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.7:*:*:*:*:*:*:*",
"matchCriteriaId": "770F46D9-E1D5-4271-B5F7-0E67DA78156A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program."
},
{
"lang": "es",
"value": "La funci\u00f3n sm_close_on_exec en conf.c en sendmail anterior a 8.14.9 tiene argumentos en el orden err\u00f3neo, y como consecuencia evade configurar etiquetas FD_CLOEXEC esperadas, lo que permite a usuarios locales acceder a descriptores de archivos de n\u00famero alto no intencionados a trav\u00e9s de un programa de entrega de correo personalizado."
}
],
"id": "CVE-2014-3956",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-04T11:19:13.890",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/57455"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/58628"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/67791"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030331"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"source": "cve@mitre.org",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/57455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/67791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-4565
Vulnerability from fkie_nvd - Published: 2010-01-04 21:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FF6875-0EE5-4817-B7E0-D031E5A88091",
"versionEndIncluding": "8.14.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4E6D5E-BD37-4F8E-962C-0438C62BEF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:4.55:*:*:*:*:*:*:*",
"matchCriteriaId": "111C0FC5-A199-44CA-9512-9E6B12514E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFADCBA-DB24-451F-9E1D-FBBEE41C5D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFC5B8B-9102-46A9-9BD3-5CC0B671383F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "51BC02ED-17B1-44B3-97DB-F626A2BD2524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:*",
"matchCriteriaId": "EF58EBCB-5735-4569-957D-C37CC38F0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBEEC1F-8382-4FEE-9F7F-60A8D9494DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3A34E836-DFF7-404B-9F49-C56DCD81DB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "624CA3E0-1D02-43C8-9BE2-CDB3651D153F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0006A6D0-E3E5-447E-ABCF-6D6E741ADC06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "85996153-65D0-4697-A01B-F6174CE5B4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "855476CC-21EA-4037-91B7-7B9AAE9E7F82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC773E5-84D2-4084-80DA-EE8423C4925B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B754AD41-90A0-4382-B599-E41289C690A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7125C4-64AF-4A3B-BBD6-1A56660A2D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E0D099-C149-4923-A06C-200A23CEA943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "01B75BCD-9187-4DB0-903D-5F73429AEE78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "631A40C3-4266-4516-A586-8341D2C01270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F7DB5E2A-0E79-45DF-BD85-FD216A970771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D20FAC60-445E-4847-B5DE-8ACDDA55E1CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9962F81C-A08C-4F8E-A07C-4F4B5C441EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A38C234D-EF75-4A96-A0FD-E1DDDADAC1BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ADED21E7-6DBC-4846-BF52-FE11A3D8A361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CD501A5A-E602-4847-8178-E9CC289AD41C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F08976CF-8F2A-449C-B3FA-E1F8EF412159",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4AB6F10A-3852-40FB-B91B-6E194E09BCEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "907E2087-95B8-4A4A-96DC-717D7B17CA82",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "sendmail before 8.14.4 does not properly handle a \u0027\\0\u0027 character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
},
{
"lang": "es",
"value": "sendmail anterior a v8.14.4 no maneja adecuadamente un car\u00e1cter \u0027\\0\u0027 en un fichero Common Name (CN) de un certificado X.509; esto permite (1) a atacantes del tipo hombre-en-el-medio suplantar a su elecci\u00f3n servidores SMTP basados en SSL utilizando un certificado de servidor manipulado expedido por una Autoridad Certificadora leg\u00edtima y (2) a atacantes remotos evitar las restricciones de acceso pretendidas a trav\u00e9s de un certificado cliente expedido por una Autoridad Certificadora leg\u00edtima. Vulnerabilidad relacionada con CVE-2009-2408."
}
],
"id": "CVE-2009-4565",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-04T21:30:00.640",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37998"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/38314"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/38915"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39088"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/40109"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/43366"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37543"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/1386"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/40109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/1386"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-4565\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.",
"lastModified": "2010-01-21T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-1490
Vulnerability from fkie_nvd - Published: 2009-05-05 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2820FDAE-AA3F-4452-933C-62B4F174D941",
"versionEndIncluding": "8.13.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:nt:*:*:*:*:*",
"matchCriteriaId": "3300A5FC-69D9-4F19-AB0E-0273F5ECF45C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:nt:*:*:*:*:*",
"matchCriteriaId": "EC340D43-0E4D-4365-A604-9DDF3BD62039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "623A2E07-2122-4ADE-9932-011DCA4396A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:nt:*:*:*:*:*",
"matchCriteriaId": "E43CBCA0-47B1-4992-A636-A0BF4441B91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:nt:*:*:*:*:*",
"matchCriteriaId": "2FA4711B-319B-4410-A1B5-C6D8C4B1EC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7199205A-B914-40A1-9C82-A9698511E3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:nt:*:*:*:*:*",
"matchCriteriaId": "F4981D22-AA6B-4901-95BA-F1BB893828B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC468AB-8B18-4169-8040-614A32444732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE4E6D5E-BD37-4F8E-962C-0438C62BEF72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:4.55:*:*:*:*:*:*:*",
"matchCriteriaId": "111C0FC5-A199-44CA-9512-9E6B12514E42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFADCBA-DB24-451F-9E1D-FBBEE41C5D52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5DFC5B8B-9102-46A9-9BD3-5CC0B671383F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "51BC02ED-17B1-44B3-97DB-F626A2BD2524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:*",
"matchCriteriaId": "EF58EBCB-5735-4569-957D-C37CC38F0823",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4BBEEC1F-8382-4FEE-9F7F-60A8D9494DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3A34E836-DFF7-404B-9F49-C56DCD81DB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "624CA3E0-1D02-43C8-9BE2-CDB3651D153F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0006A6D0-E3E5-447E-ABCF-6D6E741ADC06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "85996153-65D0-4697-A01B-F6174CE5B4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "855476CC-21EA-4037-91B7-7B9AAE9E7F82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC773E5-84D2-4084-80DA-EE8423C4925B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B754AD41-90A0-4382-B599-E41289C690A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7125C4-64AF-4A3B-BBD6-1A56660A2D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "83AE5BA5-09FF-4AF8-B4E8-4D372A208E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4E0D099-C149-4923-A06C-200A23CEA943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en mont\u00edculo en Sendmail anterior a v8.13.2 permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda de demonio) y posiblemente ejecutar c\u00f3digo de forma arbitraria a trav\u00e9s de la cabecera X- como se demostr\u00f3 mediante la cabecera de prueba X-."
}
],
"id": "CVE-2009-1490",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-05-05T19:30:00.170",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Based on our analysis this issue does not have a security consequence and does not lead to a buffer overflow or denial of service. For more details of our technical evaluation see\nhttps://bugzilla.redhat.com/show_bug.cgi?id=499252#c18",
"lastModified": "2009-05-07T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-2246
Vulnerability from fkie_nvd - Published: 2007-04-25 16:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en HP-UX B.11.00 y B.11.11, cuando se ejecuta sendmail 8.9.3 o 8.11.1; y HP-UX B.11.23 cuando se ejecuta sendmail 8.11.1; permite a los atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores de ataque desconocidos. NOTA: debido a la falta de detalles de HP, no se sabe si este problema es un duplicado de otro CVE como CVE-2006-1173 o CVE-2006-4434."
}
],
"id": "CVE-2007-2246",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-25T16:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24990"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23606"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017966"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-7175
Vulnerability from fkie_nvd - Published: 2007-03-27 23:19 - Updated: 2025-04-09 00:30
Severity ?
Summary
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| redhat | enterprise_linux | 4.0 | |
| sendmail | sendmail | 8.13.1.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:4.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "BAB4B991-7ABE-4311-AE31-C9F62144ADB9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "631A40C3-4266-4516-A586-8341D2C01270",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired."
},
{
"lang": "es",
"value": "La version de Sendmail 8.13.1-2 en Red Hat Enterprise Linux 4 Update 4 y anteriores no permiten al administrador deshabilitar la encriptaci\u00f3n SSLv2, lo cual podr\u00eda provocar que se pudieran usar canales menos seguros de lo deseado."
}
],
"id": "CVE-2006-7175",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-27T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172352"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "** DISPUTED ** Sendmail classes the CipherList directive as \u0026quot;for future release\u0026quot;; currently unsupported and undocumented. Therefore the lack of support for the CipherList directive in various Red Hat products is not a vulnerability.\n",
"lastModified": "2007-04-27T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-51765 (GCVE-0-2023-51765)
Vulnerability from cvelistv5 – Published: 2023-12-24 00:00 – Updated: 2024-08-02 22:48
VLAI?
Summary
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/22/7"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/7"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51765"
},
{
"tags": [
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231226 Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/5"
},
{
"name": "[oss-security] 20231229 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/5"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/3"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"tags": [
"x_transferred"
],
"url": "https://lwn.net/Articles/956533/"
},
{
"name": "[debian-lts-announce] 20240615 [SECURITY] [DLA 3829-1] sendmail security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with \u0027o\u0027 in srv_features."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-15T09:05:58.617529",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/22/7"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/7"
},
{
"url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-51765"
},
{
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231226 Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/5"
},
{
"name": "[oss-security] 20231229 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/5"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/3"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/1"
},
{
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"url": "https://lwn.net/Articles/956533/"
},
{
"name": "[debian-lts-announce] 20240615 [SECURITY] [DLA 3829-1] sendmail security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51765",
"datePublished": "2023-12-24T00:00:00",
"dateReserved": "2023-12-24T00:00:00",
"dateUpdated": "2024-08-02T22:48:11.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3618 (GCVE-0-2021-3618)
Vulnerability from cvelistv5 – Published: 2022-03-23 00:00 – Updated: 2024-08-03 17:01
VLAI?
Summary
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"tags": [
"x_transferred"
],
"url": "https://alpaca-attack.com/"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALPACA",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "vsftpd 3.0.4, nginx 1.21.0, sendmail 8.17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim\u0027s traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-23T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"url": "https://alpaca-attack.com/"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3618",
"datePublished": "2022-03-23T00:00:00",
"dateReserved": "2021-06-24T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3956 (GCVE-0-2014-3956)
Vulnerability from cvelistv5 – Published: 2014-06-04 10:00 – Updated: 2024-08-06 10:57
VLAI?
Summary
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:18.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"name": "58628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58628"
},
{
"name": "FreeBSD-SA-14:11",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"name": "MDVSA-2015:128",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"name": "GLSA-201412-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"name": "openSUSE-SU-2014:0804",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"name": "MDVSA-2014:147",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"name": "FEDORA-2014-7093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"name": "openSUSE-SU-2014:0805",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"name": "57455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57455"
},
{
"name": "67791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"name": "SSA:2014-156-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"name": "1030331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"name": "58628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58628"
},
{
"name": "FreeBSD-SA-14:11",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"name": "MDVSA-2015:128",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"name": "GLSA-201412-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"name": "openSUSE-SU-2014:0804",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"name": "MDVSA-2014:147",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"name": "FEDORA-2014-7093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"name": "openSUSE-SU-2014:0805",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"name": "57455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57455"
},
{
"name": "67791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"name": "SSA:2014-156-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"name": "1030331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"name": "58628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58628"
},
{
"name": "FreeBSD-SA-14:11",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"name": "MDVSA-2015:128",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"name": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"name": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"name": "GLSA-201412-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"name": "http://www.sendmail.com/sm/open_source/download/8.14.9/",
"refsource": "CONFIRM",
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"name": "openSUSE-SU-2014:0804",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"name": "MDVSA-2014:147",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"name": "FEDORA-2014-7093",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"name": "openSUSE-SU-2014:0805",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"name": "57455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57455"
},
{
"name": "67791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67791"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0270.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"name": "SSA:2014-156-04",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"name": "1030331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3956",
"datePublished": "2014-06-04T10:00:00",
"dateReserved": "2014-06-03T00:00:00",
"dateUpdated": "2024-08-06T10:57:18.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4565 (GCVE-0-2009-4565)
Vulnerability from cvelistv5 – Published: 2010-01-04 21:00 – Updated: 2024-08-07 07:08
VLAI?
Summary
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38314"
},
{
"name": "GLSA-201206-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"name": "1021797",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"name": "39088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39088"
},
{
"name": "ADV-2009-3661",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"name": "37998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37998"
},
{
"name": "37543",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37543"
},
{
"name": "ADV-2011-0415",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"name": "43366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43366"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:10255",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"name": "HPSBUX02508",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "ADV-2010-0719",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"name": "RHSA-2011:0262",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"name": "DSA-1985",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"name": "oval:org.mitre.oval:def:11822",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"name": "SSRT100007",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "40109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40109"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-1386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sendmail before 8.14.4 does not properly handle a \u0027\\0\u0027 character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "38314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38314"
},
{
"name": "GLSA-201206-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"name": "1021797",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"name": "39088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39088"
},
{
"name": "ADV-2009-3661",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"name": "37998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37998"
},
{
"name": "37543",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37543"
},
{
"name": "ADV-2011-0415",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"name": "43366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43366"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:10255",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"name": "HPSBUX02508",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "ADV-2010-0719",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"name": "RHSA-2011:0262",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"name": "DSA-1985",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"name": "oval:org.mitre.oval:def:11822",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"name": "SSRT100007",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "40109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40109"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-1386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1386"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sendmail before 8.14.4 does not properly handle a \u0027\\0\u0027 character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38314"
},
{
"name": "GLSA-201206-30",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"name": "1021797",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"name": "39088",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39088"
},
{
"name": "ADV-2009-3661",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"name": "37998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37998"
},
{
"name": "37543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37543"
},
{
"name": "ADV-2011-0415",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"name": "43366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43366"
},
{
"name": "SUSE-SR:2010:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:10255",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"name": "http://www.sendmail.org/releases/8.14.4",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"name": "HPSBUX02508",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "ADV-2010-0719",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"name": "RHSA-2011:0262",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"name": "DSA-1985",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"name": "oval:org.mitre.oval:def:11822",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"name": "SSRT100007",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "40109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40109"
},
{
"name": "38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-1386",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1386"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4565",
"datePublished": "2010-01-04T21:00:00",
"dateReserved": "2010-01-04T00:00:00",
"dateUpdated": "2024-08-07T07:08:38.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1490 (GCVE-0-2009-1490)
Vulnerability from cvelistv5 – Published: 2009-05-05 19:00 – Updated: 2024-08-07 05:13
VLAI?
Summary
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"name": "sendmail-xheader-bo(50355)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"name": "sendmail-xheader-bo(50355)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.sendmail.org/releases/8.13.2",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"name": "http://www.nmrc.org/~thegnome/blog/apr09/",
"refsource": "MISC",
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"name": "sendmail-xheader-bo(50355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1490",
"datePublished": "2009-05-05T19:00:00",
"dateReserved": "2009-04-30T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2423 (GCVE-0-2002-2423)
Vulnerability from cvelistv5 – Published: 2007-11-01 17:00 – Updated: 2024-09-16 17:17
VLAI?
Summary
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:53.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5770",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5770"
},
{
"name": "20020921 Sendmail logging and short string precision allows anonymous commands/relay",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.html"
},
{
"name": "sendmail-ident-logging-bypass(10153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10153.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-01T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5770",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5770"
},
{
"name": "20020921 Sendmail logging and short string precision allows anonymous commands/relay",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.html"
},
{
"name": "sendmail-ident-logging-bypass(10153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10153.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5770"
},
{
"name": "20020921 Sendmail logging and short string precision allows anonymous commands/relay",
"refsource": "BUGTRAQ",
"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.html"
},
{
"name": "sendmail-ident-logging-bypass(10153)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10153.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2423",
"datePublished": "2007-11-01T17:00:00Z",
"dateReserved": "2007-11-01T00:00:00Z",
"dateUpdated": "2024-09-16T17:17:37.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2261 (GCVE-0-2002-2261)
Vulnerability from cvelistv5 – Published: 2007-10-18 10:00 – Updated: 2024-08-08 03:59
VLAI?
Summary
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:6892",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6892"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.7.html"
},
{
"name": "ADV-2009-3539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3539"
},
{
"name": "oval:org.mitre.oval:def:8512",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8512"
},
{
"name": "1005748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1005748"
},
{
"name": "20030101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030101-01-P"
},
{
"name": "6548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6548"
},
{
"name": "sendmail-check-relay-bypass(10775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10775"
},
{
"name": "7826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7826"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the \u0027check_relay\u0027 function by spoofing a blank DNS hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:6892",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6892"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.7.html"
},
{
"name": "ADV-2009-3539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3539"
},
{
"name": "oval:org.mitre.oval:def:8512",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8512"
},
{
"name": "1005748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1005748"
},
{
"name": "20030101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030101-01-P"
},
{
"name": "6548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6548"
},
{
"name": "sendmail-check-relay-bypass(10775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10775"
},
{
"name": "7826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7826"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the \u0027check_relay\u0027 function by spoofing a blank DNS hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:6892",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6892"
},
{
"name": "http://www.sendmail.org/8.12.7.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.7.html"
},
{
"name": "ADV-2009-3539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3539"
},
{
"name": "oval:org.mitre.oval:def:8512",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8512"
},
{
"name": "1005748",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1005748"
},
{
"name": "20030101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030101-01-P"
},
{
"name": "6548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6548"
},
{
"name": "sendmail-check-relay-bypass(10775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10775"
},
{
"name": "7826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7826"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2261",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1592 (GCVE-0-1999-1592)
Vulnerability from cvelistv5 – Published: 2007-07-12 17:00 – Updated: 2024-09-16 17:03
VLAI?
Summary
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "00159",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1"
},
{
"name": "243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/243"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-07-12T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "00159",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1"
},
{
"name": "243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/243"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "00159",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1"
},
{
"name": "243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/243"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1592",
"datePublished": "2007-07-12T17:00:00Z",
"dateReserved": "2007-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T17:03:10.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2246 (GCVE-0-2007-2246)
Vulnerability from cvelistv5 – Published: 2007-04-25 16:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017966",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017966"
},
{
"name": "23606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23606"
},
{
"name": "VU#349305",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"name": "24990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24990"
},
{
"name": "SSRT061243",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "HPSBUX02183",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "ADV-2007-1504",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-05-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017966",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017966"
},
{
"name": "23606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23606"
},
{
"name": "VU#349305",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"name": "24990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24990"
},
{
"name": "SSRT061243",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "HPSBUX02183",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "ADV-2007-1504",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017966",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017966"
},
{
"name": "23606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23606"
},
{
"name": "VU#349305",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"name": "24990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24990"
},
{
"name": "SSRT061243",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "HPSBUX02183",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "ADV-2007-1504",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2246",
"datePublished": "2007-04-25T16:00:00",
"dateReserved": "2007-04-25T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-51765 (GCVE-0-2023-51765)
Vulnerability from nvd – Published: 2023-12-24 00:00 – Updated: 2024-08-02 22:48
VLAI?
Summary
sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports <LF>.<CR><LF> but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with 'o' in srv_features.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:48:11.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/22/7"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/7"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-51765"
},
{
"tags": [
"x_transferred"
],
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231226 Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/5"
},
{
"name": "[oss-security] 20231229 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/5"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/3"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"tags": [
"x_transferred"
],
"url": "https://lwn.net/Articles/956533/"
},
{
"name": "[debian-lts-announce] 20240615 [SECURITY] [DLA 3829-1] sendmail security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because sendmail supports \u003cLF\u003e.\u003cCR\u003e\u003cLF\u003e but some other popular e-mail servers do not. This is resolved in 8.18 and later versions with \u0027o\u0027 in srv_features."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-15T09:05:58.617529",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/22/7"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/12/21/7"
},
{
"url": "https://github.com/freebsd/freebsd-src/commit/5dd76dd0cc19450133aa379ce0ce4a68ae07fb39#diff-afdf514b32ac88004952c11660c57bc96c3d8b2234007c1cbd8d7ed7fd7935cc"
},
{
"name": "[oss-security] 20231224 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/24/1"
},
{
"name": "[oss-security] 20231225 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/25/1"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1218351"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255869"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-51765"
},
{
"url": "https://fahrplan.events.ccc.de/congress/2023/fahrplan/events/11782.html"
},
{
"name": "[oss-security] 20231226 Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/26/5"
},
{
"name": "[oss-security] 20231229 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/29/5"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/3"
},
{
"name": "[oss-security] 20231230 Re: Re: New SMTP smuggling attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/30/1"
},
{
"url": "https://www.youtube.com/watch?v=V8KPV96g1To"
},
{
"url": "https://lwn.net/Articles/956533/"
},
{
"name": "[debian-lts-announce] 20240615 [SECURITY] [DLA 3829-1] sendmail security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00004.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-51765",
"datePublished": "2023-12-24T00:00:00",
"dateReserved": "2023-12-24T00:00:00",
"dateUpdated": "2024-08-02T22:48:11.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3618 (GCVE-0-2021-3618)
Vulnerability from nvd – Published: 2022-03-23 00:00 – Updated: 2024-08-03 17:01
VLAI?
Summary
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:07.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"tags": [
"x_transferred"
],
"url": "https://alpaca-attack.com/"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ALPACA",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "vsftpd 3.0.4, nginx 1.21.0, sendmail 8.17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim\u0027s traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-23T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975623"
},
{
"url": "https://alpaca-attack.com/"
},
{
"name": "[debian-lts-announce] 20221122 [SECURITY] [DLA 3203-1] nginx security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00031.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2021-3618",
"datePublished": "2022-03-23T00:00:00",
"dateReserved": "2021-06-24T00:00:00",
"dateUpdated": "2024-08-03T17:01:07.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3956 (GCVE-0-2014-3956)
Vulnerability from nvd – Published: 2014-06-04 10:00 – Updated: 2024-08-06 10:57
VLAI?
Summary
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:57:18.265Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"name": "58628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58628"
},
{
"name": "FreeBSD-SA-14:11",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"name": "MDVSA-2015:128",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"name": "GLSA-201412-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"name": "openSUSE-SU-2014:0804",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"name": "MDVSA-2014:147",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"name": "FEDORA-2014-7093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"name": "openSUSE-SU-2014:0805",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"name": "57455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57455"
},
{
"name": "67791",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67791"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"name": "SSA:2014-156-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"name": "1030331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030331"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-28T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"name": "58628",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58628"
},
{
"name": "FreeBSD-SA-14:11",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"name": "MDVSA-2015:128",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"name": "GLSA-201412-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"name": "openSUSE-SU-2014:0804",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"name": "MDVSA-2014:147",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"name": "FEDORA-2014-7093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"name": "openSUSE-SU-2014:0805",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"name": "57455",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57455"
},
{
"name": "67791",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67791"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"name": "SSA:2014-156-04",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"name": "1030331",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030331"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong order, and consequently skips setting expected FD_CLOEXEC flags, which allows local users to access unintended high-numbered file descriptors via a custom mail-delivery program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05216368"
},
{
"name": "58628",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58628"
},
{
"name": "FreeBSD-SA-14:11",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A11.sendmail.asc"
},
{
"name": "MDVSA-2015:128",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:128"
},
{
"name": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/126975/Slackware-Security-Advisory-sendmail-Updates.html"
},
{
"name": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES",
"refsource": "CONFIRM",
"url": "ftp://ftp.sendmail.org/pub/sendmail/RELEASE_NOTES"
},
{
"name": "GLSA-201412-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-32.xml"
},
{
"name": "http://www.sendmail.com/sm/open_source/download/8.14.9/",
"refsource": "CONFIRM",
"url": "http://www.sendmail.com/sm/open_source/download/8.14.9/"
},
{
"name": "openSUSE-SU-2014:0804",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00032.html"
},
{
"name": "MDVSA-2014:147",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:147"
},
{
"name": "FEDORA-2014-7093",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134349.html"
},
{
"name": "openSUSE-SU-2014:0805",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-06/msg00033.html"
},
{
"name": "57455",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57455"
},
{
"name": "67791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67791"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0270.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0270.html"
},
{
"name": "SSA:2014-156-04",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2014\u0026m=slackware-security.728644"
},
{
"name": "1030331",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030331"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3956",
"datePublished": "2014-06-04T10:00:00",
"dateReserved": "2014-06-03T00:00:00",
"dateUpdated": "2024-08-06T10:57:18.265Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4565 (GCVE-0-2009-4565)
Vulnerability from nvd – Published: 2010-01-04 21:00 – Updated: 2024-08-07 07:08
VLAI?
Summary
sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:08:38.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38314"
},
{
"name": "GLSA-201206-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"name": "1021797",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"name": "39088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39088"
},
{
"name": "ADV-2009-3661",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"name": "37998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37998"
},
{
"name": "37543",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37543"
},
{
"name": "ADV-2011-0415",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"name": "43366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43366"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:10255",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"name": "HPSBUX02508",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "ADV-2010-0719",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"name": "RHSA-2011:0262",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"name": "DSA-1985",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"name": "oval:org.mitre.oval:def:11822",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"name": "SSRT100007",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "40109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40109"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-1386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1386"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "sendmail before 8.14.4 does not properly handle a \u0027\\0\u0027 character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "38314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38314"
},
{
"name": "GLSA-201206-30",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"name": "1021797",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"name": "39088",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39088"
},
{
"name": "ADV-2009-3661",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"name": "37998",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37998"
},
{
"name": "37543",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37543"
},
{
"name": "ADV-2011-0415",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"name": "43366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43366"
},
{
"name": "SUSE-SR:2010:006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:10255",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"name": "HPSBUX02508",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "ADV-2010-0719",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"name": "RHSA-2011:0262",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"name": "DSA-1985",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"name": "oval:org.mitre.oval:def:11822",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"name": "SSRT100007",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "40109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40109"
},
{
"name": "38915",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-1386",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1386"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4565",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sendmail before 8.14.4 does not properly handle a \u0027\\0\u0027 character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38314"
},
{
"name": "GLSA-201206-30",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201206-30.xml"
},
{
"name": "1021797",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021797.1-1"
},
{
"name": "39088",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39088"
},
{
"name": "ADV-2009-3661",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3661"
},
{
"name": "37998",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37998"
},
{
"name": "37543",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37543"
},
{
"name": "ADV-2011-0415",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0415"
},
{
"name": "43366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43366"
},
{
"name": "SUSE-SR:2010:006",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html"
},
{
"name": "oval:org.mitre.oval:def:10255",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10255"
},
{
"name": "http://www.sendmail.org/releases/8.14.4",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/releases/8.14.4"
},
{
"name": "HPSBUX02508",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "ADV-2010-0719",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0719"
},
{
"name": "RHSA-2011:0262",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-0262.html"
},
{
"name": "DSA-1985",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2010/dsa-1985"
},
{
"name": "oval:org.mitre.oval:def:11822",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11822"
},
{
"name": "SSRT100007",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=126953289726317\u0026w=2"
},
{
"name": "40109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40109"
},
{
"name": "38915",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38915"
},
{
"name": "ADV-2010-1386",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1386"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4565",
"datePublished": "2010-01-04T21:00:00",
"dateReserved": "2010-01-04T00:00:00",
"dateUpdated": "2024-08-07T07:08:38.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1490 (GCVE-0-2009-1490)
Vulnerability from nvd – Published: 2009-05-05 19:00 – Updated: 2024-08-07 05:13
VLAI?
Summary
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:13:25.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"name": "sendmail-xheader-bo(50355)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"name": "sendmail-xheader-bo(50355)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.sendmail.org/releases/8.13.2",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/releases/8.13.2"
},
{
"name": "http://www.nmrc.org/~thegnome/blog/apr09/",
"refsource": "MISC",
"url": "http://www.nmrc.org/~thegnome/blog/apr09/"
},
{
"name": "sendmail-xheader-bo(50355)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50355"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1490",
"datePublished": "2009-05-05T19:00:00",
"dateReserved": "2009-04-30T00:00:00",
"dateUpdated": "2024-08-07T05:13:25.560Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2423 (GCVE-0-2002-2423)
Vulnerability from nvd – Published: 2007-11-01 17:00 – Updated: 2024-09-16 17:17
VLAI?
Summary
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:53.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5770",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5770"
},
{
"name": "20020921 Sendmail logging and short string precision allows anonymous commands/relay",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.html"
},
{
"name": "sendmail-ident-logging-bypass(10153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10153.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-01T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5770",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5770"
},
{
"name": "20020921 Sendmail logging and short string precision allows anonymous commands/relay",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.html"
},
{
"name": "sendmail-ident-logging-bypass(10153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10153.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5770",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5770"
},
{
"name": "20020921 Sendmail logging and short string precision allows anonymous commands/relay",
"refsource": "BUGTRAQ",
"url": "http://archive.cert.uni-stuttgart.de/bugtraq/2002/09/msg00267.html"
},
{
"name": "sendmail-ident-logging-bypass(10153)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10153.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2423",
"datePublished": "2007-11-01T17:00:00Z",
"dateReserved": "2007-11-01T00:00:00Z",
"dateUpdated": "2024-09-16T17:17:37.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2261 (GCVE-0-2002-2261)
Vulnerability from nvd – Published: 2007-10-18 10:00 – Updated: 2024-08-08 03:59
VLAI?
Summary
Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the 'check_relay' function by spoofing a blank DNS hostname.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:11.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:6892",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6892"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sendmail.org/8.12.7.html"
},
{
"name": "ADV-2009-3539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3539"
},
{
"name": "oval:org.mitre.oval:def:8512",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8512"
},
{
"name": "1005748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1005748"
},
{
"name": "20030101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030101-01-P"
},
{
"name": "6548",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6548"
},
{
"name": "sendmail-check-relay-bypass(10775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10775"
},
{
"name": "7826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/7826"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-12-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the \u0027check_relay\u0027 function by spoofing a blank DNS hostname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:6892",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6892"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sendmail.org/8.12.7.html"
},
{
"name": "ADV-2009-3539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3539"
},
{
"name": "oval:org.mitre.oval:def:8512",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8512"
},
{
"name": "1005748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1005748"
},
{
"name": "20030101-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030101-01-P"
},
{
"name": "6548",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6548"
},
{
"name": "sendmail-check-relay-bypass(10775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10775"
},
{
"name": "7826",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/7826"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2261",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sendmail 8.9.0 through 8.12.6 allows remote attackers to bypass relaying restrictions enforced by the \u0027check_relay\u0027 function by spoofing a blank DNS hostname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:6892",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6892"
},
{
"name": "http://www.sendmail.org/8.12.7.html",
"refsource": "CONFIRM",
"url": "http://www.sendmail.org/8.12.7.html"
},
{
"name": "ADV-2009-3539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3539"
},
{
"name": "oval:org.mitre.oval:def:8512",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8512"
},
{
"name": "1005748",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1005748"
},
{
"name": "20030101-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030101-01-P"
},
{
"name": "6548",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6548"
},
{
"name": "sendmail-check-relay-bypass(10775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10775"
},
{
"name": "7826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/7826"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2261",
"datePublished": "2007-10-18T10:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-08T03:59:11.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-1999-1592 (GCVE-0-1999-1592)
Vulnerability from nvd – Published: 2007-07-12 17:00 – Updated: 2024-09-16 17:03
VLAI?
Summary
Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T17:18:07.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "00159",
"tags": [
"vendor-advisory",
"x_refsource_SUN",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1"
},
{
"name": "243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/243"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-07-12T17:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "00159",
"tags": [
"vendor-advisory",
"x_refsource_SUN"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1"
},
{
"name": "243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/243"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-1999-1592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "00159",
"refsource": "SUN",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-22-00159-1"
},
{
"name": "243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/243"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-1999-1592",
"datePublished": "2007-07-12T17:00:00Z",
"dateReserved": "2007-07-12T00:00:00Z",
"dateUpdated": "2024-09-16T17:03:10.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2246 (GCVE-0-2007-2246)
Vulnerability from nvd – Published: 2007-04-25 16:00 – Updated: 2024-08-07 13:33
VLAI?
Summary
Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:33:28.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017966",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017966"
},
{
"name": "23606",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23606"
},
{
"name": "VU#349305",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"name": "24990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24990"
},
{
"name": "SSRT061243",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "HPSBUX02183",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "ADV-2007-1504",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-05-02T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017966",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017966"
},
{
"name": "23606",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23606"
},
{
"name": "VU#349305",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"name": "24990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24990"
},
{
"name": "SSRT061243",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "HPSBUX02183",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "ADV-2007-1504",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in HP-UX B.11.00 and B.11.11, when running sendmail 8.9.3 or 8.11.1; and HP-UX B.11.23 when running sendmail 8.11.1; allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: due to the lack of details from HP, it is not known whether this issue is a duplicate of another CVE such as CVE-2006-1173 or CVE-2006-4434."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017966",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017966"
},
{
"name": "23606",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23606"
},
{
"name": "VU#349305",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/349305"
},
{
"name": "24990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24990"
},
{
"name": "SSRT061243",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "HPSBUX02183",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c00841370"
},
{
"name": "ADV-2007-1504",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2246",
"datePublished": "2007-04-25T16:00:00",
"dateReserved": "2007-04-25T00:00:00",
"dateUpdated": "2024-08-07T13:33:28.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}