CVE-2002-1337

Summary

Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.

Impact & exploitability

AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected products we track (1)

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

• NVD record
• ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-002.txt.asc
• ftp://ftp.sco.com/pub/updates/OpenServer/CSSA-2003-SCO.6
• ftp://ftp.sco.com/pub/updates/UnixWare/CSSA-2003-SCO.5
• ftp://patches.sgi.com/support/free/security/advisories/20030301-01-P
• http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000571
• http://frontal2.mandriva.com/security/advisories?name=MDKSA-2003:028
• http://marc.info/?l=bugtraq&m=104673778105192&w=2Advisory
• http://marc.info/?l=bugtraq&m=104678739608479&w=2Advisory