Lucene search
SuseSUSE-SA:2003:035HistoryAug 26, 2003 - 5:08 p.m.
remote denial-of-service in sendmail
2003-08-2617:08:16
lists.opensuse.org
7
0.129 Low
EPSS
Percentile
95.5%
The well known and widely used MTA sendmail is vulnerable to a remote denial-of-service attack in version 8.12.8 and earlier (but not before 8.12). The bug exists in the DNS map code. This feature is enabled by specifying FEATURE(`enhdnsbl’). When sendmail receives an invalid DNS response it tries to call free(3) on random data which results in a process crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 8.1 | i586 | sendmail | < 8.12.6-147 | sendmail-8.12.6-147.i586.rpm |
| openSUSE | 8.0 | i386 | uucp | < 1.06.1-931 | uucp-1.06.1-931.i386.rpm |
| openSUSE | 8.1 | i586 | uucp | < 1.06.1-931 | uucp-1.06.1-931.i586.rpm |
| openSUSE | 8.2 | i586 | uucp | < 1.06.1-931 | uucp-1.06.1-931.i586.rpm |
| openSUSE | 8.0 | i386 | sendmail | < 8.12.3-76 | sendmail-8.12.3-76.i386.rpm |
| openSUSE | 8.2 | i586 | sendmail | < 8.12.7-73 | sendmail-8.12.7-73.i586.rpm |
Related
nessus
nessus
SUSE-SA:2003:035: sendmail
2004-07-25 00:00:00
Mandrake Linux Security Advisory : sendmail (MDKSA-2003:086)
2004-07-31 00:00:00
debiancve
debiancve
CVE-2003-0688
2003-10-20 04:00:00
nvd
nvd
CVE-2003-0688
2003-10-20 04:00:00
cert
cert
Sendmail fails to appropriately initialize data structures for DNS maps
2003-08-25 00:00:00
cve
cve
CVE-2003-0688
2003-10-20 04:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2003-0688
2003-09-03 04:00:00