Vulnerability Details CVE-2002-0906
Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 85.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.iss.net/security_center/static/9443.php
- http://www.kb.cert.org/vuls/id/814627
- http://www.securityfocus.com/bid/5122
- http://www.sendmail.org/8.12.5.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2183
- http://www.iss.net/security_center/static/9443.php
- http://www.kb.cert.org/vuls/id/814627
- http://www.securityfocus.com/bid/5122
- http://www.sendmail.org/8.12.5.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2183
Products affected by CVE-2002-0906
-
cpe:2.3:a:sendmail:sendmail:8.12.0
-
cpe:2.3:a:sendmail:sendmail:8.12.1
-
cpe:2.3:a:sendmail:sendmail:8.12.3
-
cpe:2.3:a:sendmail:sendmail:8.12.4