CVE-2003-0694

Description

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

How to fix CVE-2003-0694

To remediate CVE-2003-0694, upgrade the affected package to a fixed version below.

• Debian/sendmail—upgrade to 8.12.10-1 or later

Is CVE-2003-0694 being exploited?

Likely — EPSS is 76.1%, placing CVE-2003-0694 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.

Affected packages (1)

• from 0, < 8.12.10-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2003-0694