Oval Definition:oval:org.opensuse.security:def:20030161
Revision Date:2015-11-16Version:1
Title:CVE-2003-0161
Description:
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2003-0161
Platform(s):SuSE Linux Enterprise Server 7 for IA32
SuSE Linux Enterprise Server 8 for IBM iSeries and IBM pSeries
SuSE Linux Enterprise Server 8 for IBM zSeries
SuSE Linux Enterprise Server 8 for IPF
SuSE Linux Openexchange Server 4
UnitedLinux 1.0
Product(s):
Definition Synopsis
  • Release Information
  • sles7 is installed
  • AND sendmail less than 8.11.3-108
  • OR
  • sles8 is installed
  • sendmail less than 8.12.6-37
  • OR sendmail less than 8.12.6-54
  • OR sendmail less than 8.12.6-74
  • OR
  • slox4 is installed
  • AND sendmail less than 8.12.6-109
  • OR
  • unitedlinux-1.0 is installed
  • sendmail less than 8.12.6-109
  • OR sendmail less than 8.12.6-74
  • OR Package Information
  • sles8 is installed
  • sendmail-devel less than 8.12.6-37
  • OR sendmail-devel less than 8.12.6-54
  • OR sendmail-devel less than 8.12.6-74
  • OR
  • slox4 is installed
  • AND sendmail-devel less than 8.12.6-109
  • OR
  • unitedlinux-1.0 is installed
  • sendmail-devel less than 8.12.6-109
  • OR sendmail-devel less than 8.12.6-74
    • BACK