Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-thkp-3u6g-s7at
Vulnerability ID VCID-thkp-3u6g-s7at
Aliases CVE-2003-0694
Summary security flaw
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.7608 https://api.first.org/data/v1/epss?cve=CVE-2003-0694
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0694.json
https://api.first.org/data/v1/epss?cve=CVE-2003-0694
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0694
1617070 https://bugzilla.redhat.com/show_bug.cgi?id=1617070
RHSA-2003:283 https://access.redhat.com/errata/RHSA-2003:283
RHSA-2003:284 https://access.redhat.com/errata/RHSA-2003:284
Data source Metasploit
Description This is a proof of concept denial of service module for Sendmail versions 8.12.8 and earlier. The vulnerability is within the prescan() method when parsing SMTP headers. Due to the prescan function, only 0x5c and 0x00 bytes can be used, limiting the likelihood for arbitrary code execution.
Note 
AKA:
  - EARLYSHOVEL
Stability:
  - crash-service-down
SideEffects: []
Reliability: []
Ransomware campaign use Unknown
Source publication date Sept. 17, 2003
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/dos/smtp/sendmail_prescan.rb
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.98942
EPSS Score 0.7608
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T10:19:30.089781+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0694.json 38.6.0