Page 2 of 19 results (0.012 seconds)

CVSS: 7.5EPSS: 27%CPEs: 1EXPL: 0

Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected." Vulnerabilidad Utilizar-tras-liberar en Sendmail versiones anteriores a 8.13.8, permite a atacantes remotos provocar una denegación de servicio (crash) mediante una "header line" larga, que provoca que una variable liberada anteriormente sea referenciada. NOTa: El desarrollador original ha impugnado la severidad de esta vulnerabilidad diciendo "La única denegación de servicio posible aquí, es llenar el disco con volcados de memoria si el Sistema Operativo genera diferentes volcados de memoria (que es improbable)... el error reside en el código de apagado (finis()) que conduce directamente a exit(3), en este caso, el proceso terminaría de todas formas, no afecta a la distribución ni recepción de correo". • http://secunia.com/advisories/21637 http://secunia.com/advisories/21641 http://secunia.com/advisories/21696 http://secunia.com/advisories/21700 http://secunia.com/advisories/21749 http://secunia.com/advisories/22369 http://securitytracker.com/id?1016753 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 http://www.attrition.org/pipermail/vim/2006-August/000999.html http://www.debian.org/security/2006/dsa-1164 http://www.mandriva.com/security/advisories?name=M • CWE-416: Use After Free •

CVSS: 5.0EPSS: 34%CPEs: 41EXPL: 0

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635 http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html http://secunia.com/advisories/15779 http://secunia.com/advisories/20473 http://secunia.com/advisories/20641 http://secunia. • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 5%CPEs: 163EXPL: 0

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. La función de prescan en Sendmail 8.12.9 permite a atacantes remotos ejecutar código arbitrario mediante ataques de desbordamiento de búfer, como se demostró usando la función parseaddr en parseaddr.c. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/4119.html http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0113.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106381604923204&w=2 http://marc.info/?l=bugtraq&m=106382859407683&w=2 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/? •

CVSS: 7.5EPSS: 0%CPEs: 105EXPL: 1

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. Un "desbordamiento de búfer potencial en el análisis de reglas" (ruleset parsing) en Sendmail 8.12.9 cuando se usan los conjuntos de reglas no estándar: (1) receptor, (2) final, o (3) receptores de envoltorio específicos del enviador de correo, tienen consecuencias desconocidas. • https://www.exploit-db.com/exploits/23154 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/?l=bugtraq&m=106398718909274&w=2 http://www.debian.org/security/2003/dsa-384 http://www.kb.cert.org/vuls/id/108964 http://www.mandriva.com/security/advisories?name=MDKSA-2003:092 http://www.redhat.com/support/errata/RHSA-2003-283.html http://www.securityfocus.com/bid/8649 http://www •

CVSS: 10.0EPSS: 17%CPEs: 111EXPL: 2

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. • https://www.exploit-db.com/exploits/24 https://www.exploit-db.com/exploits/22442 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614 http://lists.apple.com/mhonarc/secur •