{ "id": "CVE-2003-0688", "sourceIdentifier": "cve@mitre.org", "published": "2003-10-20T04:00:00.000", "lastModified": "2018-05-03T01:29:22.053", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "The DNS map code in Sendmail 8.12.8 and earlier, when using the \"enhdnsbl\" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.5-7:*:i386:*:*:*:*:*", "matchCriteriaId": "EC65C3FE-7512-4AFE-9CFF-1E4B201CEF19" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.5-7:*:i386_cf:*:*:*:*:*", "matchCriteriaId": "F62C57CA-A4DA-4A50-9262-DAA135780CFE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.5-7:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "A97CCA83-8BD7-42BC-9395-A0C01FB9B3F4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.5-7:*:i386_doc:*:*:*:*:*", "matchCriteriaId": "6F4BC2F3-EA77-4191-9319-9CF66F3EC850" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.8-4:*:i386:*:*:*:*:*", "matchCriteriaId": "54367E67-A75A-4A9E-A8DF-E748BC4F5101" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.8-4:*:i386_cf:*:*:*:*:*", "matchCriteriaId": "C5BFA9BC-DE23-479C-8310-95E5B25376FC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.8-4:*:i386_dev:*:*:*:*:*", "matchCriteriaId": "DDE2FF54-7988-46FB-9E6D-187566F9CB11" }, { "vulnerable": true, "criteria": "cpe:2.3:a:redhat:sendmail:8.12.8-4:*:i386_doc:*:*:*:*:*", "matchCriteriaId": "F771EBC4-E805-4AF7-B08B-1F140030C0C3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323" }, { "vulnerable": true, "criteria": "cpe:2.3:o:sgi:irix:6.5.19:*:*:*:*:*:*:*", "matchCriteriaId": "2334FD6C-444F-4042-AF6D-D654C18C9950" }, { "vulnerable": true, "criteria": "cpe:2.3:o:sgi:irix:6.5.20:*:*:*:*:*:*:*", "matchCriteriaId": "1EFCB9A7-9121-4FAE-B6FA-96C3A023ACEF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:sgi:irix:6.5.21:*:*:*:*:*:*:*", "matchCriteriaId": "E2C1514F-A4DD-462C-9955-2AD8CF5B7F14" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:compaq:tru64:5.0a:*:*:*:*:*:*:*", "matchCriteriaId": "5C85EF72-0F04-4705-9BED-C921F5FB7860" }, { "vulnerable": true, "criteria": "cpe:2.3:o:compaq:tru64:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "E296E409-EF32-48FC-88CB-C38C7CF4A239" }, { "vulnerable": true, "criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2" }, { "vulnerable": true, "criteria": "cpe:2.3:o:freebsd:freebsd:4.7:*:*:*:*:*:*:*", "matchCriteriaId": "B86C77AB-B8FF-4376-9B4E-C88417396F3D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:freebsd:freebsd:4.8:*:*:*:*:*:*:*", "matchCriteriaId": "441BE3A0-20F4-4972-B279-19B3DB5FA14D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "61EBA52A-2D8B-4FB5-866E-AE67CE1842E7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1957B3C0-7F25-469B-BC3F-7B09260837ED" } ] } ] } ], "references": [ { "url": "ftp://patches.sgi.com/support/free/security/advisories/20030803-01-P", "source": "cve@mitre.org" }, { "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000727", "source": "cve@mitre.org" }, { "url": "http://www.kb.cert.org/vuls/id/993452", "source": "cve@mitre.org", "tags": [ "US Government Resource" ] }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:086", "source": "cve@mitre.org" }, { "url": "http://www.novell.com/linux/security/advisories/2003_035_sendmail.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/support/errata/RHSA-2003-265.html", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.sendmail.org/dnsmap1.html", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A597", "source": "cve@mitre.org" } ] }