Vulnerability Name:

CVE-2003-0688 (CCN-13021)

Assigned:2003-08-25
Published:2003-08-25
Updated:2018-05-03
Summary:The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-03:11
sendmail DNS map problem

Source: SGI
Type: UNKNOWN
20030803-01-P

Source: CCN
Type: Full-Disclosure Mailing List, Mon Aug 25 2003 - 12:10:30 CDT
Sendmail DNS Map Vulnerability

Source: CCN
Type: Sendmail Web site
DNS map problem in 8.12.x before 8.12.9

Source: MITRE
Type: CNA
CVE-2003-0688

Source: CONECTIVA
Type: UNKNOWN
CLA-2003:727

Source: CCN
Type: Conectiva Linux Security Announcement CLSA-2003:727
sendmail

Source: CCN
Type: RHSA-2003-265
Updated Sendmail packages fix vulnerability.

Source: CCN
Type: CIAC Information Bulletin N-138
Red Hat Updated Sendmail packages fix vulnerability

Source: CCN
Type: FreeBSD Problem Report bin/54367
[PATCH] sendmail coredumps (sometime) when using dns map

Source: CCN
Type: US-CERT VU#993452
Sendmail fails to appropriately initialize data structures for DNS maps

Source: CERT-VN
Type: US Government Resource
VU#993452

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2003:086

Source: SUSE
Type: UNKNOWN
SuSE-SA:2003:035

Source: CCN
Type: OpenPKG-SA-2003.037
Sendmail

Source: CCN
Type: OSVDB ID: 6480
Sendmail DNS Map Code Remote DoS

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2003:265

Source: CCN
Type: BID-8485
Sendmail DNS Maps Remote Denial of Service Vulnerability

Source: CCN
Type: Sendmail Consortium Web site
Sendmail 8.12.9

Source: CONFIRM
Type: UNKNOWN
http://www.sendmail.org/dnsmap1.html

Source: XF
Type: UNKNOWN
sendmail-dns-map-dos(13021)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:597

Source: SUSE
Type: SUSE-SA:2003:035
sendmail: remote denial-of-service

Vulnerable Configuration:Configuration 1:
  • cpe:/a:redhat:sendmail:8.12.5-7:*:i386:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.5-7:*:i386_cf:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.5-7:*:i386_dev:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.5-7:*:i386_doc:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.8-4:*:i386:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.8-4:*:i386_cf:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.8-4:*:i386_dev:*:*:*:*:*
  • OR cpe:/a:redhat:sendmail:8.12.8-4:*:i386_doc:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.19:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.20:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.21:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:compaq:tru64:5.0a:*:*:*:*:*:*:*
  • OR cpe:/o:compaq:tru64:5.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.7:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.8:-:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.0:-:*:*:*:*:*:*
  • OR cpe:/o:openbsd:openbsd:3.2:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*
  • OR cpe:/a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*
  • AND
  • cpe:/o:sgi:irix:6.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.4:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.0:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:5.0:-:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.6:-:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.7:-:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:freebsd:freebsd:4.8:-:*:*:*:*:*:*
  • OR cpe:/o:redhat:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:conectiva:linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.19:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.20:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.21:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.21m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.21f:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:8.2::ppc:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.10m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.11m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.12m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.13m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.14m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.15m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.16m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.17m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.18:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.18f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.18m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.19f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.19m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.20f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.20m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.2f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.2m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.3m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.4m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.5m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.6m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.7m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.8m:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9f:*:*:*:*:*:*:*
  • OR cpe:/o:sgi:irix:6.5.9m:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20030688
    V
    		CVE-2003-0688
    2015-11-16
    oval:org.mitre.oval:def:597
    V
    		Denial of Service in Sendmail via the enhdnsbl Feature
    2010-09-20
    BACK
    redhat sendmail 8.12.5-7
    redhat sendmail 8.12.5-7
    redhat sendmail 8.12.5-7
    redhat sendmail 8.12.5-7
    redhat sendmail 8.12.8-4
    redhat sendmail 8.12.8-4
    redhat sendmail 8.12.8-4
    redhat sendmail 8.12.8-4
    sendmail sendmail 8.12.1
    sendmail sendmail 8.12.2
    sendmail sendmail 8.12.3
    sendmail sendmail 8.12.4
    sendmail sendmail 8.12.5
    sendmail sendmail 8.12.6
    sendmail sendmail 8.12.7
    sendmail sendmail 8.12.8
    sgi irix 6.5.19
    sgi irix 6.5.20
    sgi irix 6.5.21
    compaq tru64 5.0a
    compaq tru64 5.1
    freebsd freebsd 4.6
    freebsd freebsd 4.7
    freebsd freebsd 4.8
    freebsd freebsd 5.0
    openbsd openbsd 3.2
    sendmail sendmail 8.12.6
    sendmail sendmail 8.12.1
    sendmail sendmail 8.12.2
    sendmail sendmail 8.12.3
    sendmail sendmail 8.12.4
    sendmail sendmail 8.12.5
    sendmail sendmail 8.12.8
    sendmail sendmail 8.12.7
    sgi irix 6.0.1
    sgi irix 6.1
    sgi irix 6.2
    sgi irix 6.3
    sgi irix 6.4
    sgi irix 6.5
    sgi irix 6.0
    sgi irix 6.5.1
    sgi irix 6.5.2
    sgi irix 6.5.3
    sgi irix 6.5.4
    freebsd freebsd 4.0
    freebsd freebsd 5.0
    redhat linux 7
    sgi irix 6.5.7
    redhat linux 7.1
    sgi irix 6.5.5
    sgi irix 6.5.6
    sgi irix 6.5.8
    redhat linux 7.2
    sgi irix 6.5.9
    sgi irix 6.5.10
    sgi irix 6.5.11
    sgi irix 6.5.12
    sgi irix 6.5.13
    sgi irix 6.5.14
    mandrakesoft mandrake linux 8.2
    suse suse linux 8.0
    redhat linux 7.3
    freebsd freebsd 4.6
    sgi irix 6.5.15
    sgi irix 6.5.16
    redhat linux 8.0
    mandrakesoft mandrake linux 9.0
    suse suse linux 8.1
    suse linux enterprise server 8
    freebsd freebsd 4.7
    mandrakesoft mandrake linux corporate server 2.1
    freebsd freebsd 4.8
    redhat linux 9.0
    suse suse linux 8.2
    conectiva linux 9.0
    sgi irix 6.5.19
    sgi irix 6.5.20
    sgi irix 6.5.21
    sgi irix 6.5.21m
    sgi irix 6.5.21f
    mandrakesoft mandrake linux 8.2
    mandrakesoft mandrake linux corporate server 2.1
    sgi irix 6.5.10f
    sgi irix 6.5.10m
    sgi irix 6.5.11f
    sgi irix 6.5.11m
    sgi irix 6.5.12f
    sgi irix 6.5.12m
    sgi irix 6.5.13f
    sgi irix 6.5.13m
    sgi irix 6.5.14f
    sgi irix 6.5.14m
    sgi irix 6.5.15f
    sgi irix 6.5.15m
    sgi irix 6.5.16f
    sgi irix 6.5.16m
    sgi irix 6.5.17
    sgi irix 6.5.17f
    sgi irix 6.5.17m
    sgi irix 6.5.18
    sgi irix 6.5.18f
    sgi irix 6.5.18m
    sgi irix 6.5.19f
    sgi irix 6.5.19m
    sgi irix 6.5.20f
    sgi irix 6.5.20m
    sgi irix 6.5.2f
    sgi irix 6.5.2m
    sgi irix 6.5.3f
    sgi irix 6.5.3m
    sgi irix 6.5.4f
    sgi irix 6.5.4m
    sgi irix 6.5.5f
    sgi irix 6.5.5m
    sgi irix 6.5.6f
    sgi irix 6.5.6m
    sgi irix 6.5.7f
    sgi irix 6.5.7m
    sgi irix 6.5.8f
    sgi irix 6.5.8m
    sgi irix 6.5.9f
    sgi irix 6.5.9m