Vulnerabilites related to hp - sis
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F038B325-A982-43FB-9146-E103CCFB5C41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11i:*:*:*:*:*:*:*",
"matchCriteriaId": "C10245E1-C95C-4219-92C9-888E5966ABF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.23:*:*:*:*:*:*:*",
"matchCriteriaId": "32310AFE-38CC-4C6C-AE13-54C18720F2C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC3AECB-D8A1-413E-BC9B-7245B386FCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B7C178-4BE6-4397-A4E2-01375E4CA978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:vvos:11.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1D462D6F-EB68-4E31-87FD-D918F5DEF3FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
}
],
"id": "CVE-2004-1332",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13608"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1012650"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1012650"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-04-02 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA16C02-3B8D-4188-898E-048A93F11ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF12CC4-C9CD-479A-8F85-8F947B5B60A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:2.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "623A2E07-2122-4ADE-9932-011DCA4396A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5C563EF-FDED-4193-A66A-06527878BB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A267D3-2F49-4E61-B2C9-D8ED2265665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7199205A-B914-40A1-9C82-A9698511E3C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BEC468AB-8B18-4169-8040-614A32444732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*",
"matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*",
"matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*",
"matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*",
"matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*",
"matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*",
"matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5492A89B-8140-4CF7-BE81-09C25A64373A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A6D5AF-2134-4EC5-B53A-CE95B5505325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B5FE819-E570-4AEE-BF0C-B9B1960A1AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "913AF73A-F6DE-4FAF-8A09-02CD33784B27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "661A9B85-09EE-4D38-9160-8EEA6BE07BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F28941D4-7D1E-4BF9-8E2F-C951978424E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DD930C49-512B-4114-8A97-80B1816CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7E8553E3-578B-4BE3-BBAD-5589338586E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E7EE5C8E-8E2E-4C98-B8C5-B590E44B1EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3930ED-DE49-4F01-A904-5D66E34832F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3A51855-94DD-4F2E-BFF8-4ABE4613F962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "56B76FFE-90CB-4C11-9E9D-FFA896482628",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74C77927-A67A-4C1B-BB80-18148E1F0FE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9D22E3-18F8-42F9-993E-81E832B0B125",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7BABB5CA-26F4-4DB6-9D43-1C82751DCCA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sendmail:sendmail_switch:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F323395B-4549-4B54-8BBF-66B1B1B3F563",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0b:*:*:*:*:*:*:*",
"matchCriteriaId": "5E86C510-4F66-4B6B-BD11-E41E20ECAEEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "B750254C-A460-4F52-B4A4-636CB2CBE50E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0d_pk9_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "EF069023-0716-4806-9A04-1171770940B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2B5B59-B0CD-4F49-870B-F8F8BE902965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk6_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A4900F-7A0B-441E-967D-45B1A051A5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0f_pk7_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "F41B68A9-C4EF-47F5-BE84-BD20C073C2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g:*:*:*:*:*:*:*",
"matchCriteriaId": "75546AD4-15DD-45FD-AFFB-8A59CB8D401C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:4.0g_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "38B11F9E-64EE-47D1-A341-62F54382227C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3198FD9F-ACB8-4F59-A896-68A3A7287D78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "146562A0-D7AA-465D-9F48-5B0E75E4D109",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.0_pk4_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC279C2-31D2-4A13-B38B-593FA761361E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*",
"matchCriteriaId": "5C85EF72-0F04-4705-9BED-C921F5FB7860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.0a_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "B86A9A68-DFD4-42FD-A11C-FCBC73E6EDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "9BE8BFB6-FE31-4C44-9562-76DC47E105B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E296E409-EF32-48FC-88CB-C38C7CF4A239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk3_bl17:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0BEA96-837B-4699-BE2E-CCD8F8F3CF38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk4_bl18:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4DFD7B-4A10-4991-AC26-C8A957E87009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk5_bl19:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA62CD1-19EA-46D8-9423-BFFF9FC8CA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1_pk6_bl20:*:*:*:*:*:*:*",
"matchCriteriaId": "881FCB3C-DAD8-4883-B185-19A61B76102B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a:*:*:*:*:*:*:*",
"matchCriteriaId": "B9413090-D930-49DB-B7ED-7035C717B821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk1_bl1:*:*:*:*:*:*:*",
"matchCriteriaId": "168C607C-6170-4936-9A53-AE3AAEBD79F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk2_bl2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7793736-B551-428D-8A2F-291968E212FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1a_pk3_bl3:*:*:*:*:*:*:*",
"matchCriteriaId": "3AB7AD47-5AF1-4CE0-A295-48567F991EAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b:*:*:*:*:*:*:*",
"matchCriteriaId": "55E0D6B2-C319-4DD4-AB4C-F2F35F7806F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:compaq:tru64:5.1b_pk1_bl1:*:*:*:*:*:*:*",
"matchCriteriaId": "CCEFCB5E-D7DF-48BF-B62A-081C4799F5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3187435B-C052-4DBA-AA79-F8AC0287EE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "53BBFE9A-6846-4625-91AC-47AA0BC0933A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2170549C-80D2-4FF8-AC07-BD4124125B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.09:*:*:*:*:*:*:*",
"matchCriteriaId": "066D4E93-366F-42D4-B27D-8AF981F5F2AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "38BFA923-7D80-4F01-AF9F-6F13209948AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.16:*:*:*:*:*:*:*",
"matchCriteriaId": "38E41C26-A086-4C9C-83D8-CB910F4B67F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE44C49-172C-4899-8CC8-29AA99A7CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.24:*:*:*:*:*:*:*",
"matchCriteriaId": "4259A901-A1CF-44EE-80C4-2031D3FCADC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.26:*:*:*:*:*:*:*",
"matchCriteriaId": "CE98EAD2-838F-42A2-BC90-F739A6639D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.30:*:*:*:*:*:*:*",
"matchCriteriaId": "09070FE3-EF6B-41F6-89D8-3C9E31F3A6BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:10.34:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD50216-90AC-480E-A11C-E88E64C6D84A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "771931F7-9180-4EBD-8627-E1CF17D24647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB008E3-9A00-4D28-8826-A9FCC9F65314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD9BE2B-7255-4FC1-B452-E8370632B03F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6AB76FE0-BEF3-40D4-B362-0C95CA625A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux:11.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD0DC0A-ACAD-4870-9C0F-3095F2AC8CCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_700:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "8B369244-5327-4946-9C49-AC93AE75866B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:hp-ux_series_800:10.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A40F1951-2AC6-402E-95D6-19ECC3F695F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:hp:sis:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC3AECB-D8A1-413E-BC9B-7245B386FCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.4:*:x86:*:*:*:*:*",
"matchCriteriaId": "1F881110-7B54-49DA-B23A-710273430C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "200D8CB2-0D52-40A8-9CD9-6E4513605201",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:ppc:*:*:*:*:*",
"matchCriteriaId": "54AF87E4-52A4-44CA-B48E-A5BB139E6410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.5.1:*:x86:*:*:*:*:*",
"matchCriteriaId": "F66BAF35-A8B9-4E95-B270-444206FDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34EBF074-78C8-41AF-88F1-DA6726E56F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:7.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "8F1F312C-413F-4DB4-ABF4-48E33F6FECF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:8.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "1894C542-AA81-40A9-BF47-AE24C93C1ACB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "A711CDC2-412C-499D-9FA6-7F25B06267C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*",
"matchCriteriaId": "0B837BB7-5F62-4CD5-9C64-8553C28EA8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:solaris:9.0:x86_update_2:*:*:*:*:*:*",
"matchCriteriaId": "3F305CBD-4329-44DE-A85C-DE9FF371425E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7AAC8954-74A8-4FE3-ABE7-57DA041D9D8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5B72953B-E873-4E44-A3CF-12D770A0D416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39F847DB-65A9-47DA-BCFA-A179E5E2301A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "08003947-A4F1-44AC-84C6-9F8D097EB759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A2475113-CFE4-41C8-A86F-F2DA6548D224",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
}
],
"id": "CVE-2003-0161",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
},
{
"source": "cve@mitre.org",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"source": "cve@mitre.org",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-12.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/897604"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2003-12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/897604"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/7230"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2003-0161 (GCVE-0-2003-0161)
Vulnerability from cvelistv5
Published
2003-04-01 05:00
Modified
2024-08-08 01:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1001088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"name": "52620",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"name": "20030401-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
},
{
"name": "7230",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/7230"
},
{
"name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"name": "RHSA-2003:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
},
{
"name": "20030401 Immunix Secured OS 7+ openssl update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"name": "DSA-278",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"name": "DSA-290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"name": "IMNX-2003-7+-002-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"name": "52700",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"name": "CA-2003-12",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2003-12.html"
},
{
"name": "CSSA-2003-016.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA",
"x_transferred"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
},
{
"name": "20030331 GLSA: sendmail (200303-27)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"name": "RHSA-2003:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
},
{
"name": "CLA-2003:614",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"name": "SCOSA-2004.11",
"tags": [
"vendor-advisory",
"x_refsource_SCO",
"x_transferred"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"name": "GLSA-200303-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"name": "20030329 Sendmail: -1 gone wild",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
},
{
"name": "20030329 Sendmail: -1 gone wild",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"name": "FreeBSD-SA-03:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
},
{
"name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"name": "20030329 sendmail 8.12.9 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"name": "VU#897604",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/897604"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1001088",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"name": "52620",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"name": "20030401-01-P",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
},
{
"name": "7230",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/7230"
},
{
"name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"name": "RHSA-2003:120",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
},
{
"name": "20030401 Immunix Secured OS 7+ openssl update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"name": "DSA-278",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"name": "DSA-290",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"name": "IMNX-2003-7+-002-01",
"tags": [
"vendor-advisory",
"x_refsource_IMMUNIX"
],
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"name": "52700",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"name": "CA-2003-12",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2003-12.html"
},
{
"name": "CSSA-2003-016.0",
"tags": [
"vendor-advisory",
"x_refsource_CALDERA"
],
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
},
{
"name": "20030331 GLSA: sendmail (200303-27)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"name": "RHSA-2003:121",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
},
{
"name": "CLA-2003:614",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"name": "SCOSA-2004.11",
"tags": [
"vendor-advisory",
"x_refsource_SCO"
],
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"name": "GLSA-200303-27",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"name": "20030329 Sendmail: -1 gone wild",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
},
{
"name": "20030329 Sendmail: -1 gone wild",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"name": "FreeBSD-SA-03:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
},
{
"name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"name": "20030329 sendmail 8.12.9 available",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"name": "VU#897604",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/897604"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special \"NOCHAR\" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1001088",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1"
},
{
"name": "52620",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1"
},
{
"name": "20030401-01-P",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P"
},
{
"name": "7230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/7230"
},
{
"name": "20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104914999806315\u0026w=2"
},
{
"name": "RHSA-2003:120",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-120.html"
},
{
"name": "20030401 Immunix Secured OS 7+ openssl update",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"name": "DSA-278",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-278"
},
{
"name": "DSA-290",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2003/dsa-290"
},
{
"name": "IMNX-2003-7+-002-01",
"refsource": "IMMUNIX",
"url": "http://www.securityfocus.com/archive/1/317135/30/25220/threaded"
},
{
"name": "http://lists.apple.com/mhonarc/security-announce/msg00028.html",
"refsource": "CONFIRM",
"url": "http://lists.apple.com/mhonarc/security-announce/msg00028.html"
},
{
"name": "52700",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1"
},
{
"name": "CA-2003-12",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2003-12.html"
},
{
"name": "CSSA-2003-016.0",
"refsource": "CALDERA",
"url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt"
},
{
"name": "20030331 GLSA: sendmail (200303-27)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/316961/30/25250/threaded"
},
{
"name": "RHSA-2003:121",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-121.html"
},
{
"name": "CLA-2003:614",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000614"
},
{
"name": "SCOSA-2004.11",
"refsource": "SCO",
"url": "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt"
},
{
"name": "GLSA-200303-27",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml"
},
{
"name": "20030329 Sendmail: -1 gone wild",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html"
},
{
"name": "20030329 Sendmail: -1 gone wild",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104897487512238\u0026w=2"
},
{
"name": "FreeBSD-SA-03:07",
"refsource": "FREEBSD",
"url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc"
},
{
"name": "20030520 [Fwd: 127 Research and Development: 127 Day!]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/321997"
},
{
"name": "20030329 sendmail 8.12.9 available",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104896621106790\u0026w=2"
},
{
"name": "VU#897604",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/897604"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0161",
"datePublished": "2003-04-01T05:00:00",
"dateReserved": "2003-03-24T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1332 (GCVE-0-2004-1332)
Vulnerability from cvelistv5
Published
2005-01-06 05:00
Modified
2024-08-08 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:46:12.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "HPSBUX01118",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "1012650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012650"
},
{
"name": "oval:org.mitre.oval:def:5701",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"name": "12077",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"name": "SSRT4883",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "VU#647438",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"name": "13608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13608"
},
{
"name": "hp-ftpd-bo(18636)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-12-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "HPSBUX01118",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "1012650",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012650"
},
{
"name": "oval:org.mitre.oval:def:5701",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"name": "12077",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12077"
},
{
"name": "SSRT4883",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "VU#647438",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"name": "13608",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13608"
},
{
"name": "hp-ftpd-bo(18636)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1332",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "HPSBUX01118",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "1012650",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012650"
},
{
"name": "oval:org.mitre.oval:def:5701",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701"
},
{
"name": "12077",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12077"
},
{
"name": "SSRT4883",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=110797179710695\u0026w=2"
},
{
"name": "VU#647438",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/647438"
},
{
"name": "13608",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13608"
},
{
"name": "hp-ftpd-bo(18636)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18636"
},
{
"name": "20041221 Hewlett Packard HP-UX ftpd Remote Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=175\u0026type=vulnerabilities\u0026flashstatus=false"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1332",
"datePublished": "2005-01-06T05:00:00",
"dateReserved": "2005-01-06T00:00:00",
"dateUpdated": "2024-08-08T00:46:12.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}