JVN/CVE Demo: Cveinfos

CVE

Id: 6990
CVE No.: CVE-2003-0161
Status: Candidate
Description: The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Phase: Assigned (20030324)
Votes: NOOP(1) Christey
Comments: Christey> MANDRAKE:MDKSA-2003:042 | (as suggested by Vincent Danen of Mandrake)

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
40680	6990	CVE-2003-0161	BUGTRAQ:20030329 Sendmail: -1 gone wild	View
40681	6990	CVE-2003-0161	URL:http://marc.info/?l=bugtraq&m=104897487512238&w=2	View
40682	6990	CVE-2003-0161	BUGTRAQ:20030520 [Fwd: 127 Research and Development: 127 Day!]	View
40683	6990	CVE-2003-0161	URL:http://www.securityfocus.com/archive/1/321997	View
40684	6990	CVE-2003-0161	BUGTRAQ:20030331 GLSA: sendmail (200303-27)	View
40685	6990	CVE-2003-0161	URL:http://www.securityfocus.com/archive/1/archive/1/316961/30/25250/threaded	View
40686	6990	CVE-2003-0161	BUGTRAQ:20030401 Immunix Secured OS 7+ openssl update	View
40687	6990	CVE-2003-0161	URL:http://www.securityfocus.com/archive/1/archive/1/317135/30/25220/threaded	View
40688	6990	CVE-2003-0161	FULLDISC:20030329 Sendmail: -1 gone wild	View
40689	6990	CVE-2003-0161	URL:http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.html	View
40690	6990	CVE-2003-0161	BUGTRAQ:20030329 sendmail 8.12.9 available	View
40691	6990	CVE-2003-0161	URL:http://marc.info/?l=bugtraq&m=104896621106790&w=2	View
40692	6990	CVE-2003-0161	GENTOO:GLSA-200303-27	View
40693	6990	CVE-2003-0161	URL:http://www.gentoo.org/security/en/glsa/glsa-200303-27.xml	View
40694	6990	CVE-2003-0161	IMMUNIX:IMNX-2003-7+-002-01	View
40695	6990	CVE-2003-0161	URL:http://www.securityfocus.com/archive/1/archive/1/317135/30/25220/threaded	View
40696	6990	CVE-2003-0161	SUNALERT:52620	View
40697	6990	CVE-2003-0161	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-52620-1	View
40698	6990	CVE-2003-0161	SUNALERT:52700	View
40699	6990	CVE-2003-0161	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-52700-1	View
40700	6990	CVE-2003-0161	SUNALERT:1001088	View
40701	6990	CVE-2003-0161	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1	View
40702	6990	CVE-2003-0161	CERT:CA-2003-12	View
40703	6990	CVE-2003-0161	URL:http://www.cert.org/advisories/CA-2003-12.html	View
40704	6990	CVE-2003-0161	CERT-VN:VU#897604	View
40705	6990	CVE-2003-0161	URL:http://www.kb.cert.org/vuls/id/897604	View
40706	6990	CVE-2003-0161	FREEBSD:FreeBSD-SA-03:07	View
40707	6990	CVE-2003-0161	URL:ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc	View
40708	6990	CVE-2003-0161	REDHAT:RHSA-2003:120	View
40709	6990	CVE-2003-0161	URL:http://www.redhat.com/support/errata/RHSA-2003-120.html	View
40710	6990	CVE-2003-0161	REDHAT:RHSA-2003:121	View
40711	6990	CVE-2003-0161	URL:http://www.redhat.com/support/errata/RHSA-2003-121.html	View
40712	6990	CVE-2003-0161	SCO:SCOSA-2004.11	View
40713	6990	CVE-2003-0161	URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt	View
40714	6990	CVE-2003-0161	SUSE:SuSE-SA:2003:023	View
40715	6990	CVE-2003-0161	SGI:20030401-01-P	View
40716	6990	CVE-2003-0161	URL:ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P	View
40717	6990	CVE-2003-0161	CALDERA:CSSA-2003-016.0	View
40718	6990	CVE-2003-0161	URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt	View
40719	6990	CVE-2003-0161	DEBIAN:DSA-278	View
40720	6990	CVE-2003-0161	URL:http://www.debian.org/security/2003/dsa-278	View
40721	6990	CVE-2003-0161	DEBIAN:DSA-290	View
40722	6990	CVE-2003-0161	URL:http://www.debian.org/security/2003/dsa-290	View
40723	6990	CVE-2003-0161	CONECTIVA:CLA-2003:614	View
40724	6990	CVE-2003-0161	URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614	View
40725	6990	CVE-2003-0161	HP:SSRT3531	View
40726	6990	CVE-2003-0161	BUGTRAQ:20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail)	View
40727	6990	CVE-2003-0161	URL:http://marc.info/?l=bugtraq&m=104914999806315&w=2	View
40728	6990	CVE-2003-0161	CONFIRM:http://lists.apple.com/mhonarc/security-announce/msg00028.html	View
40729	6990	CVE-2003-0161	BID:7230	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.49 MB
Controller render start	2.31 MB
View render complete	2.80 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.35
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	487.67
Event: Controller.beforeRender	5.31
» Processing toolbar data	5.22
Rendering View	14.80
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	13.81
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.58
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/6990
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/6990
Remote Port	34621
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.14.251.87
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=3a8du4hur2a14eg4v6tp7ksk22
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.14.251.87
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.14.251.87
Unique Id	aBETaBCelfP3zUtuvZluAQAAAHQ
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.14.251.87
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.14.251.87
Redirect Unique Id	aBETaBCelfP3zUtuvZluAQAAAHQ
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.14.251.87
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.14.251.87
Redirect Redirect Unique Id	aBETaBCelfP3zUtuvZluAQAAAHQ
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1745949544.282
Request Time	1745949544

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files