CVE-2002-1337 Information

Description

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Reference

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc
ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6
ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5
ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028
http://marc.info/?l=bugtraq&m=104673778105192&w=2
http://marc.info/?l=bugtraq&m=104678739608479&w=2
http://marc.info/?l=bugtraq&m=104678862109841&w=2
http://marc.info/?l=bugtraq&m=104678862409849&w=2
http://marc.info/?l=bugtraq&m=104679411316818&w=2
http://www.cert.org/advisories/CA-2003-07.html
http://www.debian.org/security/2003/dsa-257
http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21950
http://www.iss.net/security_center/static/10748.php
http://www.kb.cert.org/vuls/id/398025
http://www.redhat.com/support/errata/RHSA-2003-073.html
http://www.redhat.com/support/errata/RHSA-2003-074.html
http://www.redhat.com/support/errata/RHSA-2003-227.html
http://www.securityfocus.com/bid/6991
http://www.sendmail.org/8.12.8.html
http://www-1.ibm.com/support/search.wss?rs=0&q=IY40500&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY40501&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY40502&apar=only
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A2222
