7.5
CVE-2006-4434
- EPSS 4.33%
- Veröffentlicht 29.08.2006 00:04:00
- Zuletzt bearbeitet 16.06.2026 22:29:05
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.33% | 0.899 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-416 Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
http://secunia.com/advisories/21749
http://www.novell.com/linux/security/advisories/2006_21_sr.html
http://secunia.com/advisories/21637
http://secunia.com/advisories/21641
http://secunia.com/advisories/21696
http://secunia.com/advisories/21700
http://secunia.com/advisories/22369
http://securitytracker.com/id?1016753
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1
http://www.attrition.org/pipermail/vim/2006-August/000999.html
http://www.debian.org/security/2006/dsa-1164
http://www.mandriva.com/security/advisories?name=MDKSA-2006:156
http://www.openbsd.org/errata.html#sendmail3
http://www.openbsd.org/errata38.html#sendmail3
http://www.osvdb.org/28193
http://www.securityfocus.com/bid/19714
http://www.sendmail.org/releases/8.13.8.html
http://www.vupen.com/english/advisories/2006/3393
http://www.vupen.com/english/advisories/2006/3994