Rapid7 Vulnerability & Exploit Database

Sendmail DNS Maps Denial Of Service Vulnerability

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

Sendmail DNS Maps Denial Of Service Vulnerability

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:P)

Published

10/20/2003

Created

07/25/2018

Added

11/01/2004

Modified

07/16/2012

Description

Certain versions of Sendmail in the 8.12.x series do not properly initialize the DNS Map structure. As a result, a remote attacker can send an invalid DNS reply to cause Sendmail to free() uninitialized data, crashing the process. It is unknown if remote execution of arbitrary code is possible.

Solution(s)

upgrade-latest-sendmail

References

https://attackerkb.com/topics/cve-2003-0688
993452
CLA-2003:727
CVE - 2003-0688
MDKSA-2003:086
OVAL597
RHSA-2003:265
20030803-01-P
SuSE-SA:2003:035

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Sendmail DNS Maps Denial Of Service Vulnerability

Sendmail DNS Maps Denial Of Service Vulnerability

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.