CVE-2002-1337
sendmail - remote exploit
EPSS 42.8%
Description
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
How to fix CVE-2002-1337
To remediate CVE-2002-1337, upgrade the affected package to one of the fixed versions listed below.
- Debian/sendmail—upgrade to 8.13.0.PreAlpha4-0 or later
- Debian/sendmail—upgrade to 8.12.3-5 or later
- Debian/sendmail-wide—upgrade to 8.12.3+3.5Wbeta-5.2 or later
Is CVE-2002-1337 being exploited?
Moderate: EPSS is 42.8%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 8.13.0.PreAlpha4-0
- from 0, < 8.12.3-5
- from 0, < 8.12.3+3.5Wbeta-5.2