5

CVE-2006-1173

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SendmailSendmail Version <= 8.13.6
SendmailSendmail Version8.8.8
SendmailSendmail Version8.9.0
SendmailSendmail Version8.9.1
SendmailSendmail Version8.9.2
SendmailSendmail Version8.9.3
SendmailSendmail Version8.10
SendmailSendmail Version8.10.1
SendmailSendmail Version8.10.2
SendmailSendmail Version8.11.0
SendmailSendmail Version8.11.1
SendmailSendmail Version8.11.2
SendmailSendmail Version8.11.3
SendmailSendmail Version8.11.4
SendmailSendmail Version8.11.5
SendmailSendmail Version8.11.6
SendmailSendmail Version8.11.7
SendmailSendmail Version8.12 Updatebeta10
SendmailSendmail Version8.12 Updatebeta12
SendmailSendmail Version8.12 Updatebeta16
SendmailSendmail Version8.12 Updatebeta5
SendmailSendmail Version8.12 Updatebeta7
SendmailSendmail Version8.12.0
SendmailSendmail Version8.12.1
SendmailSendmail Version8.12.2
SendmailSendmail Version8.12.3
SendmailSendmail Version8.12.4
SendmailSendmail Version8.12.5
SendmailSendmail Version8.12.6
SendmailSendmail Version8.12.7
SendmailSendmail Version8.12.8
SendmailSendmail Version8.12.9
SendmailSendmail Version8.12.10
SendmailSendmail Version8.12.11
SendmailSendmail Version8.13.0
SendmailSendmail Version8.13.1
SendmailSendmail Version8.13.1.2
SendmailSendmail Version8.13.2
SendmailSendmail Version8.13.3
SendmailSendmail Version8.13.4
SendmailSendmail Version8.13.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.17% 0.914
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://secunia.com/advisories/20782
Vendor Advisory
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635
http://www.vupen.com/english/advisories/2006/2189
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc
ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html
http://secunia.com/advisories/15779
Patch
Vendor Advisory
http://secunia.com/advisories/20473
Patch
Vendor Advisory
http://secunia.com/advisories/20641
Vendor Advisory
http://secunia.com/advisories/20650
Vendor Advisory
http://secunia.com/advisories/20651
Vendor Advisory
http://secunia.com/advisories/20654
Vendor Advisory
http://secunia.com/advisories/20673
Vendor Advisory
http://secunia.com/advisories/20675
Vendor Advisory
http://secunia.com/advisories/20679
Vendor Advisory
http://secunia.com/advisories/20683
Vendor Advisory
http://secunia.com/advisories/20684
Vendor Advisory
http://secunia.com/advisories/20694
Vendor Advisory
http://secunia.com/advisories/20726
Vendor Advisory
http://secunia.com/advisories/21042
Vendor Advisory
http://secunia.com/advisories/21160
Vendor Advisory
http://secunia.com/advisories/21327
Vendor Advisory
http://secunia.com/advisories/21612
Vendor Advisory
http://secunia.com/advisories/21647
Vendor Advisory
http://securitytracker.com/id?1016295
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1
Patch
Vendor Advisory
http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only
http://www.debian.org/security/2006/dsa-1155
http://www.f-secure.com/security/fsc-2006-5.shtml
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html
http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml
http://www.kb.cert.org/vuls/id/146718
Third Party Advisory
US Government Resource
http://www.mandriva.com/security/advisories?name=MDKSA-2006:104
http://www.openbsd.org/errata38.html#sendmail2
http://www.osvdb.org/26197
http://www.redhat.com/support/errata/RHSA-2006-0515.html
http://www.securityfocus.com/archive/1/437928/100/0/threaded
http://www.securityfocus.com/archive/1/438241/100/0/threaded
http://www.securityfocus.com/archive/1/438330/100/0/threaded
http://www.securityfocus.com/archive/1/440744/100/0/threaded
http://www.securityfocus.com/archive/1/442939/100/0/threaded
http://www.securityfocus.com/bid/18433
Patch
http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
Patch
Vendor Advisory
http://www.vupen.com/english/advisories/2006/2351
http://www.vupen.com/english/advisories/2006/2388
http://www.vupen.com/english/advisories/2006/2389
Vendor Advisory
http://www.vupen.com/english/advisories/2006/2390
http://www.vupen.com/english/advisories/2006/2798
http://www.vupen.com/english/advisories/2006/3135
https://exchange.xforce.ibmcloud.com/vulnerabilities/27128
https://issues.rpath.com/browse/RPL-526
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253