1. /
  2. Security Response/
  3. Sendmail Address Prescan Memory Corruption Vulnerability

Sendmail Address Prescan Memory Corruption Vulnerability

Risk

High

Date Discovered

March 29, 2003

Description

A vulnerability in Sendmail may be exploited remotely to execute arbitrary code. The flaw is present in the 'prescan()' procedure, which is used for processing email addresses in SMTP headers. This condition has been confirmed to be exploitable by remote attackers to execute instructions on target systems. This vulnerability stems from a logic error in the conversion of a char to an integer value. The issue has been fixed Sendmail 8.12.9.

Technologies Affected

  • Apple Mac OS X 10.2.0
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X Server 10.2.0
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.4
  • Compaq Tru64 4.0.0 B
  • Compaq Tru64 4.0.0 D
  • Compaq Tru64 4.0.0 d PK9 (BL17)
  • Compaq Tru64 4.0.0 f
  • Compaq Tru64 4.0.0 f PK6 (BL17)
  • Compaq Tru64 4.0.0 f PK7 (BL18)
  • Compaq Tru64 4.0.0 g
  • Compaq Tru64 4.0.0 g PK3 (BL17)
  • Compaq Tru64 5.0.0
  • Compaq Tru64 5.0.0 PK4 (BL17)
  • Compaq Tru64 5.0.0 PK4 (BL18)
  • Compaq Tru64 5.0.0 a
  • Compaq Tru64 5.0.0 a PK3 (BL17)
  • Compaq Tru64 5.0.0 f
  • Compaq Tru64 5.1.0
  • Compaq Tru64 5.1.0 B
  • Compaq Tru64 5.1.0 PK3 (BL17)
  • Compaq Tru64 5.1.0 PK4 (BL18)
  • Compaq Tru64 5.1.0 PK5 (BL19)
  • Compaq Tru64 5.1.0 PK6 (BL20)
  • Compaq Tru64 5.1.0 a
  • Compaq Tru64 5.1.0 a PK1 (BL1)
  • Compaq Tru64 5.1.0 a PK2 (BL2)
  • Compaq Tru64 5.1.0 a PK3 (BL3)
  • Compaq Tru64 5.1.0 b PK1 (BL1)
  • HP AlphaServer SC
  • HP AltaVista Firewall AVFW98
  • HP AltaVista Firewall Raptor EC
  • HP HP-UX (VVOS) 10.24.0
  • HP HP-UX (VVOS) 11.0.0 4
  • HP HP-UX (VVOS) 11.0.4
  • HP HP-UX 10.0.0
  • HP HP-UX 10.0.0 1
  • HP HP-UX 10.1.0 0
  • HP HP-UX 10.10.0
  • HP HP-UX 10.16.0
  • HP HP-UX 10.20.0
  • HP HP-UX 10.20.0 SIS
  • HP HP-UX 10.20.0 Series 700
  • HP HP-UX 10.20.0 Series 800
  • HP HP-UX 10.24.0
  • HP HP-UX 10.26.0
  • HP HP-UX 10.30.0
  • HP HP-UX 10.34.0
  • HP HP-UX 10.8.0
  • HP HP-UX 10.9.0
  • HP HP-UX 11.0.0
  • HP HP-UX 11.0.0 4
  • HP HP-UX 11.11.0
  • HP HP-UX 11.20.0
  • HP HP-UX 11.22.0
  • HP HP-UX B.11.00
  • HP HP-UX B.11.04
  • HP HP-UX B.11.11
  • HP HP-UX B.11.22
  • HP Internet Express 5.4.0
  • HP Internet Express 5.7.0
  • HP Internet Express 5.8.0
  • HP Internet Express 5.9.0
  • HP Internet Express 6.0.0
  • HP MPE/iX 6.0.0
  • HP MPE/iX 6.5.0
  • HP MPE/iX 7.0.0
  • HP MPE/iX 7.5.0
  • HP NonStop-UX PUMA
  • HP NonStop-UX Whitney
  • HP Tru64 5.1.0 a PK4 (BL21)
  • IBM AIX 4.3.0
  • IBM AIX 4.3.1
  • IBM AIX 4.3.2
  • IBM AIX 4.3.3
  • IBM AIX 5.1
  • IBM AIX 5.1.0 L
  • IBM AIX 5.2
  • IBM MVS
  • IBM OS/390 V2R10
  • IBM OS/390 V2R6
  • IBM OS/390 V2R8
  • IBM OS/390 V2R9
  • IBM z/OS
  • IBM z/OS V1R2
  • IBM z/OS V1R4
  • NetBSD NetBSD 1.5.0
  • NetBSD NetBSD 1.5.1
  • NetBSD NetBSD 1.5.2
  • NetBSD NetBSD 1.5.3
  • NetBSD NetBSD 1.6.0
  • RedHat Advanced Workstation for the Itanium Processor 2.1.0
  • RedHat Enterprise Linux AS 2.1
  • RedHat Enterprise Linux ES 2.1
  • RedHat Enterprise Linux WS 2.1
  • SCO OpenLinux Server 3.1.1
  • SCO OpenLinux Workstation 3.1.1
  • SGI IRIX 6.5.0
  • SGI IRIX 6.5.1
  • SGI IRIX 6.5.10
  • SGI IRIX 6.5.11
  • SGI IRIX 6.5.12
  • SGI IRIX 6.5.13
  • SGI IRIX 6.5.14
  • SGI IRIX 6.5.15
  • SGI IRIX 6.5.16
  • SGI IRIX 6.5.17
  • SGI IRIX 6.5.18
  • SGI IRIX 6.5.19
  • SGI IRIX 6.5.2
  • SGI IRIX 6.5.3
  • SGI IRIX 6.5.4
  • SGI IRIX 6.5.5
  • SGI IRIX 6.5.6
  • SGI IRIX 6.5.7
  • SGI IRIX 6.5.8
  • SGI IRIX 6.5.9
  • Sendmail Consortium Sendmail 8.10.0
  • Sendmail Consortium Sendmail 8.10.1
  • Sendmail Consortium Sendmail 8.10.2
  • Sendmail Consortium Sendmail 8.11.0
  • Sendmail Consortium Sendmail 8.11.1
  • Sendmail Consortium Sendmail 8.11.2
  • Sendmail Consortium Sendmail 8.11.3
  • Sendmail Consortium Sendmail 8.11.4
  • Sendmail Consortium Sendmail 8.11.5
  • Sendmail Consortium Sendmail 8.11.6
  • Sendmail Consortium Sendmail 8.12.0 .0
  • Sendmail Consortium Sendmail 8.12.0 beta10
  • Sendmail Consortium Sendmail 8.12.0 beta12
  • Sendmail Consortium Sendmail 8.12.0 beta16
  • Sendmail Consortium Sendmail 8.12.0 beta5
  • Sendmail Consortium Sendmail 8.12.0 beta7
  • Sendmail Consortium Sendmail 8.12.1
  • Sendmail Consortium Sendmail 8.12.2
  • Sendmail Consortium Sendmail 8.12.3
  • Sendmail Consortium Sendmail 8.12.4
  • Sendmail Consortium Sendmail 8.12.5
  • Sendmail Consortium Sendmail 8.12.6
  • Sendmail Consortium Sendmail 8.12.7
  • Sendmail Consortium Sendmail 8.12.8
  • Sendmail Consortium Sendmail 8.9.0 .0
  • Sendmail Consortium Sendmail 8.9.1
  • Sendmail Consortium Sendmail 8.9.2
  • Sendmail Consortium Sendmail 8.9.3
  • Sendmail Inc Sendmail Switch 2.1.0
  • Sendmail Inc Sendmail Switch 2.1.1
  • Sendmail Inc Sendmail Switch 2.1.2
  • Sendmail Inc Sendmail Switch 2.1.3
  • Sendmail Inc Sendmail Switch 2.1.4
  • Sendmail Inc Sendmail Switch 2.1.5
  • Sendmail Inc Sendmail Switch 2.2.0
  • Sendmail Inc Sendmail Switch 2.2.1
  • Sendmail Inc Sendmail Switch 2.2.2
  • Sendmail Inc Sendmail Switch 2.2.3
  • Sendmail Inc Sendmail Switch 2.2.4
  • Sendmail Inc Sendmail Switch 2.2.5
  • Sendmail Inc Sendmail Switch 3.0.0
  • Sendmail Inc Sendmail Switch 3.0.1
  • Sendmail Inc Sendmail Switch 3.0.2
  • Sendmail Inc Sendmail Switch 3.0.3
  • Sendmail Inc Sendmail for NT 2.6.0
  • Sendmail Inc Sendmail for NT 2.6.1
  • Sendmail Inc Sendmail for NT 2.6.2
  • Sendmail Inc Sendmail for NT 3.0.0
  • Sendmail Inc Sendmail for NT 3.0.1
  • Sendmail Inc Sendmail for NT 3.0.2
  • Sendmail Inc Sendmail for NT 3.0.3
  • Sun Cobalt Qube3 4000WG
  • Sun Cobalt RaQ 550 4100R
  • Sun Cobalt RaQ XTR 3500R
  • Sun Cobalt RaQ4 3001R
  • Sun LX50
  • Sun Linux 5.0.0
  • Sun Solaris 2.4
  • Sun Solaris 2.4_x86
  • Sun Solaris 2.5
  • Sun Solaris 2.5.1
  • Sun Solaris 2.5.1_ppc
  • Sun Solaris 2.5.1_x86
  • Sun Solaris 2.5_x86
  • Sun Solaris 2.6
  • Sun Solaris 2.6_x86
  • Sun Solaris 7.0
  • Sun Solaris 7.0_x86
  • Sun Solaris 8
  • Sun Solaris 8_x86
  • Sun Solaris 9
  • Sun Solaris 9_x86
  • Sun Solaris 9_x86 Update 2

Recommendations

Deploy network intrusion detection systems to monitor network traffic for malicious activity.

Monitor system and IDS logs for anomalies. Flag any crashes or abnormal termination of the sendmail service as suspicious. Attacks would likely cause such occurrences.
Please see the referenced advisories for more information.

Credits

Discovery credited to Michal Zalewski.
Copyright © Symantec Corporation.
Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Security Response. Reprinting the whole or part of this alert in any medium other than electronically requires permission from secure@symantec.com.

Disclaimer
The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Symantec, Symantec products, Symantec Security Response, and secure@symantec.com are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.

Threat Intelligence

Subscribe
Follow the Threat Intelligence Twitter feed
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver