Fluid Attacks Database

Description

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	sendmail	>=0 <8.12.10-1	8.12.10-1
debian 13	sendmail	>=0 <8.12.10-1	8.12.10-1
debian 11	sendmail	>=0 <8.12.10-1	8.12.10-1
debian 14	sendmail	>=0 <8.12.10-1	8.12.10-1

Aliases

1. CVE-2003-06942. NVD-2003-06943. OSV-DEBIAN-2003-06944. OSV-2003-06945. SECURITY-TRACKER-CVE-2003-0694

References

1. https://vulncheck.com/cve/CVE-2003-0694

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.