Vulnerabilities > CVE-2001-0653 - Unspecified vulnerability in Sendmail
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 11 |
Exploit-Db
description Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (3). CVE-2001-0653. Local exploit for linux platform id EDB-ID:21062 last seen 2016-02-02 modified 2001-08-17 published 2001-08-17 reporter Lucian Hudin source https://www.exploit-db.com/download/21062/ title Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability 3 description Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (4). CVE-2001-0653. Local exploit for linux platform id EDB-ID:21063 last seen 2016-02-02 modified 2001-08-17 published 2001-08-17 reporter RoMaN SoFt source https://www.exploit-db.com/download/21063/ title Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability 4 description Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (2). CVE-2001-0653. Local exploit for linux platform id EDB-ID:21061 last seen 2016-02-02 modified 2001-08-17 published 2001-08-17 reporter [email protected] source https://www.exploit-db.com/download/21061/ title Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability 2 description Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (1). CVE-2001-0653. Local exploit for linux platform id EDB-ID:21060 last seen 2016-02-02 modified 2001-08-17 published 2001-08-17 reporter grange source https://www.exploit-db.com/download/21060/ title Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability 1
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2001-075.NASL description An input validation error exists in sendmail that may allow local users to write arbitrary data to process memory. This could possibly allow the execute of code or commands with elevated privileges and may also allow a local attacker to gain access to the root account. last seen 2020-06-01 modified 2020-06-02 plugin id 13890 published 2004-07-31 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13890 title Mandrake Linux Security Advisory : sendmail (MDKSA-2001:075) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2001:075. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(13890); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:46"); script_cve_id("CVE-2001-0653"); script_bugtraq_id(3163); script_xref(name:"MDKSA", value:"2001:075"); script_name(english:"Mandrake Linux Security Advisory : sendmail (MDKSA-2001:075)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "An input validation error exists in sendmail that may allow local users to write arbitrary data to process memory. This could possibly allow the execute of code or commands with elevated privileges and may also allow a local attacker to gain access to the root account." ); script_set_attribute( attribute:"solution", value: "Update the affected sendmail, sendmail-cf and / or sendmail-doc packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:sendmail"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:sendmail-cf"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:sendmail-doc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:7.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:8.0"); script_set_attribute(attribute:"patch_publication_date", value:"2001/08/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2004/07/31"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2004-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"sendmail-8.11.0-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"sendmail-cf-8.11.0-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK7.2", cpu:"i386", reference:"sendmail-doc-8.11.0-3.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"sendmail-8.11.6-1.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"sendmail-cf-8.11.6-1.1mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK8.0", cpu:"i386", reference:"sendmail-doc-8.11.6-1.1mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family SMTP problems NASL id SENDMAIL_LOCAL_OVERFLOW.NASL description The remote Sendmail server, according to its version number, may be vulnerable to a local buffer overflow allowing local users to gain root privileges. last seen 2020-06-01 modified 2020-06-02 plugin id 10729 published 2001-08-23 reporter This script is Copyright (C) 2001-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/10729 title Sendmail < 8.11.6 -d category Value Local Overflow code # # (C) Tenable Network Security, Inc. # # References # [also vulnerable to a heap overflow] # Date: Mon, 28 May 2001 18:16:57 -0400 (EDT) # From: "Michal Zalewski" <[email protected]> # To: [email protected] # Subject: Unsafe Signal Handling in Sendmail # include("compat.inc"); if (description) { script_id(10729); script_version("1.24"); script_cvs_date("Date: 2018/09/17 21:46:53"); script_cve_id("CVE-2001-0653"); script_bugtraq_id(3163); script_name(english:"Sendmail < 8.11.6 -d category Value Local Overflow"); script_summary(english:"Check Sendmail version number"); script_set_attribute(attribute:"synopsis", value: "The remote service is vulnerable to a privilege escalation attack."); script_set_attribute(attribute:"description", value: "The remote Sendmail server, according to its version number, may be vulnerable to a local buffer overflow allowing local users to gain root privileges."); script_set_attribute(attribute:"solution", value:"Upgrade to Sendmail 8.12beta19 or 8.11.6."); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"); script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2001-0653"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2001/08/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2001/08/23"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:sendmail:sendmail"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2001-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SMTP problems"); script_dependencies("sendmail_detect.nbin"); script_require_keys("installed_sw/Sendmail"); exit(0); } include("vcf.inc"); app_info = vcf::get_app_info(app:"Sendmail"); constraints = [{ "fixed_version" : "8.11.6" }]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);
Redhat
| advisories |
|
References
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-017.txt.asc
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-017.txt.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000412
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000412
- http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-032-01
- http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-032-01
- http://marc.info/?l=bugtraq&m=99841063100516&w=2
- http://marc.info/?l=bugtraq&m=99841063100516&w=2
- http://rhn.redhat.com/errata/RHSA-2001-106.html
- http://rhn.redhat.com/errata/RHSA-2001-106.html
- http://www.calderasystems.com/support/security/advisories/CSSA-2001-032.0.txt
- http://www.calderasystems.com/support/security/advisories/CSSA-2001-032.0.txt
- http://www.ciac.org/ciac/bulletins/l-133.shtml
- http://www.ciac.org/ciac/bulletins/l-133.shtml
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-075.php3
- http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-075.php3
- http://www.novell.com/linux/security/advisories/2001_028_sendmail_txt.html
- http://www.novell.com/linux/security/advisories/2001_028_sendmail_txt.html
- http://www.securityfocus.com/bid/3163
- http://www.securityfocus.com/bid/3163
- http://www.sendmail.org/8.11.html
- http://www.sendmail.org/8.11.html
- http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-007
- http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTL0112-007
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7016
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7016