CVE-2003-0161
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2003-0161
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Sendmail地址预扫描内存破坏漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
大多数组织在他们网络内部的各个位置有各种邮件传输代理(MTA),其中至少有一个直接连接于互联网。Sendmail是其中最流行的MTA,据统计通过Sendmail处理的Internet邮件流量占了总数的50%到75%。许多UNIX和Linux工作站默认运行Sendmail。 sendmail在处理邮件地址时缺少正确的长度检查,远程攻击者可以利用这个漏洞对Sendmail服务进行缓冲区溢出,可能以sendmail进程权限在系统上执行任意命令。 此漏洞存在于prescan()过程中,此函数用于处理SMTP头中的
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2003-0161
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2003-0161
Please Login to view more intelligence information
- http://sunsolve.sun.com/search/document.do?assetkey=1-77-1001088.1-1vendor-advisoryx_refsource_SUNALERT
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614vendor-advisoryx_refsource_CONECTIVA
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txtvendor-advisoryx_refsource_SCO
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.ascvendor-advisoryx_refsource_FREEBSD
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004295.htmlmailing-listx_refsource_FULLDISC
- https://nvd.nist.gov/vuln/detail/CVE-2003-0161
Same Patch Batch · n/a · 2003-04-01 · 5 CVEs total
| CVE-2003-0091 | Solaris lpstat缓冲区溢出漏洞 | |
| CVE-2003-0092 | Solaris dtsession HOME缓冲区溢出漏洞 | |
| CVE-2003-0168 | Windows QuickTime Player超长URL远程缓冲区溢出漏洞 | |
| CVE-2003-0169 | HP Instant TopTools远程拒绝服务攻击漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2003-0161
No comments yet