CVE-2003-0688
EPSS 1.7%
Description
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.
How to fix CVE-2003-0688
To remediate CVE-2003-0688, upgrade the affected package to a fixed version below.
- Debian/sendmail—upgrade to 8.12.9 or later
Is CVE-2003-0688 being exploited?
Low — EPSS is 1.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 8.12.9