Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 SMTP:OVERFLOW:SENDMAIL-CMT-OF2

Severity

 Critical

Recommended

 No

Category

 SMTP

Keywords

 Sendmail Oversized Address Comment (2)

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: Sendmail Oversized Address Comment (2)


TThis signature detects attempts to exploit a known vulnerability in Sendmail. Sendmail versions 5.79 to 8.12.7 are vulnerable. Attackers can include multiple empty address containers in a SMTP header field to overflow the SMTP header buffer and force Sendmail to execute arbitrary code on the host.

Extended Description

Sendmail is prone to a remotely buffer-overflow vulnerability in the SMTP header parsing component. Successful attackers may exploit this vulnerability to gain control of affected servers. Reportedly, this vulnerability may be locally exploitable if the sendmail binary is setuid/setgid. Sendmail 5.2 to 8.12.7 are affected. Administrators are advised to upgrade to 8.12.8 or to apply patches to earlier versions of the 8.12.x tree.

Affected Products

  • FreeBSD 4.6.0
  • FreeBSD 4.7.0
  • FreeBSD 5.0.0
  • Gentoo Linux 1.4.0 _rc1
  • Gentoo Linux 1.4.0 _rc2
  • HP AlphaServer SC
  • HP HP-UX 10.10.0
  • HP HP-UX 10.20.0
  • HP HP-UX 11.0.0
  • HP HP-UX 11.0.0 4
  • HP HP-UX 11.11.0
  • HP HP-UX 11.22.0
  • HP HP-UX B.11.00
  • HP HP-UX B.11.04
  • HP HP-UX B.11.11
  • HP HP-UX B.11.22
  • HP HP-UX (VVOS) 11.0.0 4
  • HP MPE/iX 6.5.0
  • IBM MVS
  • IBM OS/390 V2R10
  • IBM OS/390 V2R8
  • IBM z/OS V1R2
  • IBM z/OS V1R4
  • NetBSD 1.5.0
  • NetBSD 1.5.1
  • NetBSD 1.5.2
  • NetBSD 1.5.3
  • NetBSD 1.6.0
  • SCO Open UNIX 8.0.0
  • SCO Unixware 7.1.1
  • SCO Unixware 7.1.3
  • Sendmail Consortium Sendmail 5.59.0
  • Sendmail Consortium Sendmail 5.61.0
  • Sendmail Consortium Sendmail 5.65.0
  • Sendmail Consortium Sendmail 8.10.0
  • Sendmail Consortium Sendmail 8.10.1
  • Sendmail Consortium Sendmail 8.10.2
  • Sendmail Consortium Sendmail 8.11.0
  • Sendmail Consortium Sendmail 8.11.1
  • Sendmail Consortium Sendmail 8.11.2
  • Sendmail Consortium Sendmail 8.11.3
  • Sendmail Consortium Sendmail 8.11.4
  • Sendmail Consortium Sendmail 8.11.5
  • Sendmail Consortium Sendmail 8.11.6
  • Sendmail Consortium Sendmail 8.12.0 .0
  • Sendmail Consortium Sendmail 8.12.0 Beta10
  • Sendmail Consortium Sendmail 8.12.0 Beta12
  • Sendmail Consortium Sendmail 8.12.0 Beta16
  • Sendmail Consortium Sendmail 8.12.0 Beta5
  • Sendmail Consortium Sendmail 8.12.0 Beta7
  • Sendmail Consortium Sendmail 8.12.1
  • Sendmail Consortium Sendmail 8.12.2
  • Sendmail Consortium Sendmail 8.12.3
  • Sendmail Consortium Sendmail 8.12.4
  • Sendmail Consortium Sendmail 8.12.5
  • Sendmail Consortium Sendmail 8.12.6
  • Sendmail Consortium Sendmail 8.12.7
  • Sendmail Consortium Sendmail 8.8.8
  • Sendmail Consortium Sendmail 8.9.0 .0
  • Sendmail Consortium Sendmail 8.9.1
  • Sendmail Consortium Sendmail 8.9.2
  • Sendmail Consortium Sendmail 8.9.3
  • Sendmail Consortium Sendmail for NT 2.6.0
  • Sendmail Consortium Sendmail for NT 2.6.1
  • Sendmail Consortium Sendmail for NT 3.0.0
  • Sendmail Consortium Sendmail for NT 3.0.1
  • Sendmail Consortium Sendmail for NT 3.0.2
  • Sendmail Consortium Sendmail Switch 2.1.0
  • Sendmail Consortium Sendmail Switch 2.1.1
  • Sendmail Consortium Sendmail Switch 2.1.2
  • Sendmail Consortium Sendmail Switch 2.1.3
  • Sendmail Consortium Sendmail Switch 2.1.4
  • Sendmail Consortium Sendmail Switch 2.2.0
  • Sendmail Consortium Sendmail Switch 2.2.1
  • Sendmail Consortium Sendmail Switch 2.2.2
  • Sendmail Consortium Sendmail Switch 2.2.3
  • Sendmail Consortium Sendmail Switch 2.2.4
  • Sendmail Consortium Sendmail Switch 3.0.0
  • Sendmail Consortium Sendmail Switch 3.0.1
  • Sendmail Consortium Sendmail Switch 3.0.2
  • Sendmail, Inc Sendmail Advanced Message Server 1.2.0
  • Sendmail, Inc Sendmail Advanced Message Server 1.3.0
  • Sendmail, Inc Sendmail for NT 2.6.0
  • Sendmail, Inc Sendmail for NT 2.6.1
  • Sendmail, Inc Sendmail for NT 3.0.0
  • Sendmail, Inc Sendmail for NT 3.0.1
  • Sendmail, Inc Sendmail for NT 3.0.2
  • Sendmail, Inc Sendmail Switch 2.1.0
  • Sendmail, Inc Sendmail Switch 2.1.1
  • Sendmail, Inc Sendmail Switch 2.1.2
  • Sendmail, Inc Sendmail Switch 2.1.3
  • Sendmail, Inc Sendmail Switch 2.1.4
  • Sendmail, Inc Sendmail Switch 2.2.0
  • Sendmail, Inc Sendmail Switch 2.2.1
  • Sendmail, Inc Sendmail Switch 2.2.2
  • Sendmail, Inc Sendmail Switch 2.2.3
  • Sendmail, Inc Sendmail Switch 2.2.4
  • Sendmail, Inc Sendmail Switch 3.0.0
  • Sendmail, Inc Sendmail Switch 3.0.1
  • Sendmail, Inc Sendmail Switch 3.0.2
  • SGI Freeware 1.0.0
  • SGI IRIX 6.5.0
  • SGI IRIX 6.5.1
  • SGI IRIX 6.5.10
  • SGI IRIX 6.5.11
  • SGI IRIX 6.5.12
  • SGI IRIX 6.5.13
  • SGI IRIX 6.5.14
  • SGI IRIX 6.5.15
  • SGI IRIX 6.5.16
  • SGI IRIX 6.5.17
  • SGI IRIX 6.5.18
  • SGI IRIX 6.5.19
  • SGI IRIX 6.5.2
  • SGI IRIX 6.5.3
  • SGI IRIX 6.5.4
  • SGI IRIX 6.5.5
  • SGI IRIX 6.5.6
  • SGI IRIX 6.5.7
  • SGI IRIX 6.5.8
  • SGI IRIX 6.5.9
  • Sun Cobalt CacheRaQ 4
  • Sun Cobalt ManageRaQ3 3000R-mr
  • Sun Cobalt Qube 3
  • Sun Cobalt RaQ 3
  • Sun Cobalt RaQ 4
  • Sun Cobalt RaQ 550
  • Sun Cobalt RaQ XTR
  • Sun LX50
  • Sun Solaris 2.6
  • Sun Solaris 2.6_x86
  • Sun Solaris 7.0
  • Sun Solaris 7.0_x86
  • Sun Solaris 8 Sparc
  • Sun Solaris 8 X86
  • Sun Solaris 9 Sparc
  • Sun Solaris 9 X86
  • Wind River Systems BSD/OS 4.2.0
  • Wind River Systems BSD/OS 4.3.1
  • Wind River Systems BSD/OS 5.0.0
  • Wind River Systems Platform SA 1.0.0

References

  • BugTraq: 6991
  • CERT: CA-2003-07
  • CVE: CVE-2002-1337
  • URL: http://www.securityfocus.com/archive/1/313757

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out