CVE-2006-1173 - Vulnerability Details

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux
Sendmail	Sendmail

Configuration 1 [-]

OR	cpe:2.3:a:sendmail:sendmail::::::::
	cpe:2.3:a:sendmail:sendmail:8.8.8:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.9.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.10.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.4:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.5:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.6:::::::*
	cpe:2.3:a:sendmail:sendmail:8.11.7:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12:beta10::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta12::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta16::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta5::::::
	cpe:2.3:a:sendmail:sendmail:8.12:beta7::::::
	cpe:2.3:a:sendmail:sendmail:8.12.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.4:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.5:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.6:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.7:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.8:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.9:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.10:::::::*
	cpe:2.3:a:sendmail:sendmail:8.12.11:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.1.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.4:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.5:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 3
sendmail-0:8.12.11-4.RHEL3.6	cpe:/o:redhat:enterprise_linux:3	RHSA-2006:0515	2006-06-14T00:00:00Z
Red Hat Enterprise Linux 4
sendmail-0:8.13.1-3.RHEL4.5	cpe:/o:redhat:enterprise_linux:4	RHSA-2006:0515	2006-06-14T00:00:00Z

References

Link	Providers
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc
ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html
http://secunia.com/advisories/15779
http://secunia.com/advisories/20473
http://secunia.com/advisories/20641
http://secunia.com/advisories/20650
http://secunia.com/advisories/20651
http://secunia.com/advisories/20654
http://secunia.com/advisories/20673
http://secunia.com/advisories/20675
http://secunia.com/advisories/20679
http://secunia.com/advisories/20683
http://secunia.com/advisories/20684
http://secunia.com/advisories/20694
http://secunia.com/advisories/20726
http://secunia.com/advisories/20782
http://secunia.com/advisories/21042
http://secunia.com/advisories/21160
http://secunia.com/advisories/21327
http://secunia.com/advisories/21612
http://secunia.com/advisories/21647
http://securitytracker.com/id?1016295
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1
http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only
http://www.debian.org/security/2006/dsa-1155
http://www.f-secure.com/security/fsc-2006-5.shtml
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html
http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml
http://www.kb.cert.org/vuls/id/146718
http://www.mandriva.com/security/advisories?name=MDKSA-2006:104
http://www.openbsd.org/errata38.html#sendmail2
http://www.osvdb.org/26197
http://www.redhat.com/support/errata/RHSA-2006-0515.html
http://www.securityfocus.com/archive/1/437928/100/0/threaded
http://www.securityfocus.com/archive/1/438241/100/0/threaded
http://www.securityfocus.com/archive/1/438330/100/0/threaded
http://www.securityfocus.com/archive/1/440744/100/0/threaded
http://www.securityfocus.com/archive/1/442939/100/0/threaded
http://www.securityfocus.com/bid/18433
http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
http://www.vupen.com/english/advisories/2006/2189
http://www.vupen.com/english/advisories/2006/2351
http://www.vupen.com/english/advisories/2006/2388
http://www.vupen.com/english/advisories/2006/2389
http://www.vupen.com/english/advisories/2006/2390
http://www.vupen.com/english/advisories/2006/2798
http://www.vupen.com/english/advisories/2006/3135
https://exchange.xforce.ibmcloud.com/vulnerabilities/27128
https://issues.rpath.com/browse/RPL-526
https://nvd.nist.gov/vuln/detail/CVE-2006-1173
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253
https://www.cve.org/CVERecord?id=CVE-2006-1173

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2006-06-07T23:00:00

Updated: 2024-08-07T17:03:28.441Z

Reserved: 2006-03-12T00:00:00

Link: CVE-2006-1173

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-06-07T23:06:00.000

Modified: 2024-11-21T00:08:14.503

Link: CVE-2006-1173

Redhat

Severity : Important

Publid Date: 2006-06-14T01:06:00Z

Links: CVE-2006-1173 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-06-06T00:00:00", "descriptions": [{"lang": "en", "value": "Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-18T14:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "IY85415", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"}, {"name": "HPSBTU02116", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "DSA-1155", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1155"}, {"name": "[3.8] 008: SECURITY FIX: June 15, 2006", "tags": ["vendor-advisory", "x_refsource_OPENBSD"], "url": "http://www.openbsd.org/errata38.html#sendmail2"}, {"name": "20684", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20684"}, {"name": "HPSBUX02124", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"name": "ADV-2006-2388", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2388"}, {"name": "20726", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20726"}, {"name": "oval:org.mitre.oval:def:11253", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"}, {"name": "ADV-2006-2351", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2351"}, {"name": "21327", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21327"}, {"name": "RHSA-2006:0515", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0515.html"}, {"name": "ADV-2006-2389", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2389"}, {"name": "21647", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21647"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-526"}, {"name": "20651", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20651"}, {"name": "20683", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20683"}, {"name": "20650", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20650"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"}, {"name": "20782", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20782"}, {"name": "ADV-2006-3135", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3135"}, {"name": "1016295", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016295"}, {"name": "20694", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20694"}, {"name": "20473", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20473"}, {"name": "ADV-2006-2189", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"name": "20060721 rPSA-2006-0134-1 sendmail sendmail-cf", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/440744/100/0/threaded"}, {"name": "20060601-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"}, {"name": "ADV-2006-2798", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2798"}, {"name": "102460", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"}, {"name": "20060602-01-U", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"}, {"name": "MDKSA-2006:104", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"}, {"name": "sendmail-multipart-mime-dos(27128)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"}, {"name": "20673", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20673"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.f-secure.com/security/fsc-2006-5.shtml"}, {"name": "20060621 Re: Sendmail MIME DoS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/438241/100/0/threaded"}, {"name": "21612", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21612"}, {"name": "20654", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20654"}, {"name": "ADV-2006-2390", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2390"}, {"name": "SSA:2006-166-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"}, {"name": "GLSA-200606-19", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"}, {"name": "18433", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18433"}, {"name": "20675", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20675"}, {"name": "SUSE-SA:2006:032", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"}, {"name": "FreeBSD-SA-06:17.sendmail", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"}, {"name": "20060620 Sendmail MIME DoS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/437928/100/0/threaded"}, {"name": "SSRT061159", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"name": "VU#146718", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/146718"}, {"name": "SSRT061135", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "15779", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/15779"}, {"name": "20641", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20641"}, {"name": "20679", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20679"}, {"name": "26197", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/26197"}, {"name": "21042", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21042"}, {"name": "21160", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21160"}, {"name": "IY85930", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"}, {"name": "20060624 Re: Sendmail MIME DoS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/438330/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2006-1173", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "IY85415", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"}, {"name": "HPSBTU02116", "refsource": "HP", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "DSA-1155", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1155"}, {"name": "[3.8] 008: SECURITY FIX: June 15, 2006", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata38.html#sendmail2"}, {"name": "20684", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20684"}, {"name": "HPSBUX02124", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"name": "ADV-2006-2388", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2388"}, {"name": "20726", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20726"}, {"name": "oval:org.mitre.oval:def:11253", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"}, {"name": "ADV-2006-2351", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2351"}, {"name": "21327", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21327"}, {"name": "RHSA-2006:0515", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0515.html"}, {"name": "ADV-2006-2389", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2389"}, {"name": "21647", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21647"}, {"name": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html", "refsource": "CONFIRM", "url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"}, {"name": "https://issues.rpath.com/browse/RPL-526", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-526"}, {"name": "20651", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20651"}, {"name": "20683", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20683"}, {"name": "20650", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20650"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"}, {"name": "20782", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20782"}, {"name": "ADV-2006-3135", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3135"}, {"name": "1016295", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016295"}, {"name": "20694", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20694"}, {"name": "20473", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20473"}, {"name": "ADV-2006-2189", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"name": "20060721 rPSA-2006-0134-1 sendmail sendmail-cf", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/440744/100/0/threaded"}, {"name": "20060601-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"}, {"name": "ADV-2006-2798", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2798"}, {"name": "102460", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"}, {"name": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc", "refsource": "CONFIRM", "url": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"}, {"name": "20060602-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"}, {"name": "MDKSA-2006:104", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"}, {"name": "sendmail-multipart-mime-dos(27128)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"}, {"name": "20673", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20673"}, {"name": "http://www.f-secure.com/security/fsc-2006-5.shtml", "refsource": "CONFIRM", "url": "http://www.f-secure.com/security/fsc-2006-5.shtml"}, {"name": "20060621 Re: Sendmail MIME DoS vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/438241/100/0/threaded"}, {"name": "21612", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21612"}, {"name": "20654", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20654"}, {"name": "ADV-2006-2390", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2390"}, {"name": "SSA:2006-166-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"}, {"name": "GLSA-200606-19", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"}, {"name": "18433", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18433"}, {"name": "20675", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20675"}, {"name": "SUSE-SA:2006:032", "refsource": "SUSE", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"}, {"name": "FreeBSD-SA-06:17.sendmail", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"}, {"name": "20060620 Sendmail MIME DoS vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/437928/100/0/threaded"}, {"name": "SSRT061159", "refsource": "HP", "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"name": "VU#146718", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/146718"}, {"name": "SSRT061135", "refsource": "HP", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "15779", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/15779"}, {"name": "20641", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20641"}, {"name": "20679", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20679"}, {"name": "26197", "refsource": "OSVDB", "url": "http://www.osvdb.org/26197"}, {"name": "21042", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21042"}, {"name": "21160", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21160"}, {"name": "IY85930", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"}, {"name": "20060624 Re: Sendmail MIME DoS vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/438330/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:03:28.441Z"}, "title": "CVE Program Container", "references": [{"name": "IY85415", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"}, {"name": "HPSBTU02116", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "DSA-1155", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1155"}, {"name": "[3.8] 008: SECURITY FIX: June 15, 2006", "tags": ["vendor-advisory", "x_refsource_OPENBSD", "x_transferred"], "url": "http://www.openbsd.org/errata38.html#sendmail2"}, {"name": "20684", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20684"}, {"name": "HPSBUX02124", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"name": "ADV-2006-2388", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2388"}, {"name": "20726", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20726"}, {"name": "oval:org.mitre.oval:def:11253", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"}, {"name": "ADV-2006-2351", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2351"}, {"name": "21327", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21327"}, {"name": "RHSA-2006:0515", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0515.html"}, {"name": "ADV-2006-2389", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2389"}, {"name": "21647", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21647"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-526"}, {"name": "20651", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20651"}, {"name": "20683", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20683"}, {"name": "20650", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20650"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"}, {"name": "20782", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20782"}, {"name": "ADV-2006-3135", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/3135"}, {"name": "1016295", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1016295"}, {"name": "20694", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20694"}, {"name": "20473", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20473"}, {"name": "ADV-2006-2189", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"name": "20060721 rPSA-2006-0134-1 sendmail sendmail-cf", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/440744/100/0/threaded"}, {"name": "20060601-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"}, {"name": "ADV-2006-2798", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2798"}, {"name": "102460", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"}, {"name": "20060602-01-U", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"}, {"name": "MDKSA-2006:104", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"}, {"name": "sendmail-multipart-mime-dos(27128)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"}, {"name": "20673", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20673"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.f-secure.com/security/fsc-2006-5.shtml"}, {"name": "20060621 Re: Sendmail MIME DoS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/438241/100/0/threaded"}, {"name": "21612", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21612"}, {"name": "20654", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20654"}, {"name": "ADV-2006-2390", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2390"}, {"name": "SSA:2006-166-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"}, {"name": "GLSA-200606-19", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"}, {"name": "18433", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18433"}, {"name": "20675", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20675"}, {"name": "SUSE-SA:2006:032", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"}, {"name": "FreeBSD-SA-06:17.sendmail", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"}, {"name": "20060620 Sendmail MIME DoS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/437928/100/0/threaded"}, {"name": "SSRT061159", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"name": "VU#146718", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/146718"}, {"name": "SSRT061135", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "15779", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/15779"}, {"name": "20641", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20641"}, {"name": "20679", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20679"}, {"name": "26197", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/26197"}, {"name": "21042", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21042"}, {"name": "21160", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/21160"}, {"name": "IY85930", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"}, {"name": "20060624 Re: Sendmail MIME DoS vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/438330/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2006-1173", "datePublished": "2006-06-07T23:00:00", "dateReserved": "2006-03-12T00:00:00", "dateUpdated": "2024-08-07T17:03:28.441Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D42D00B-42EC-4AEC-98FE-6B321206E121", "versionEndIncluding": "8.13.6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D30A1136-074A-460D-9794-DDD530626800", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "76A9602B-8E5A-4BF4-81F5-D1152D09FCAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "EFD0B100-D822-4EBF-8EC9-ADAB8141116B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "196D77DF-E6D4-46D0-BC2C-8804A587CA25", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "B743E5A3-6B15-4877-9424-A1F1A4214B73", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*", "matchCriteriaId": "76A60742-7815-4658-A6F7-147AA48C24B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "9A1A24F2-9C6B-4DF0-AB04-55D051812DD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "120271B8-08A9-4C21-A108-0DA61095A006", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "84E6ECDA-DF65-47FF-A42F-FD5C1D864FA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "7AA859AF-4E4E-4077-8E98-523E617A1DDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "A9791650-C367-43B6-A0F4-5BB56CE10778", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*", "matchCriteriaId": "8340DDA8-77DD-4AEB-B267-F86F64A851B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*", "matchCriteriaId": "07DCBBEE-1DF0-40FE-B755-1FC35CF16788", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "581626E7-47B5-4819-B34F-B6DFD07A12F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*", "matchCriteriaId": "8BBE9A4A-8AB9-4A97-A106-970FEB08952C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*", "matchCriteriaId": "B754AD41-90A0-4382-B599-E41289C690A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*", "matchCriteriaId": "BD99394C-5408-4A01-8D4E-417FFFFDE9C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*", "matchCriteriaId": "AAB59A24-87DE-4CAD-A2BA-AFCC0B2A55B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*", "matchCriteriaId": "97D641EF-0B69-45A1-B85E-3C9C93AB9D42", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*", "matchCriteriaId": "8972211B-6A5B-4095-9CBB-CEF4C23C9C65", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*", "matchCriteriaId": "8F81A2AD-90A0-4B97-86A3-92690A0FCA71", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "598F74BA-2B71-435E-92B8-9DEADB3311A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "79A46DF2-8EEB-40C8-B1CA-01BC064BD25E", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "581E5904-1A2B-49FF-BE3F-D42019AD816B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*", "matchCriteriaId": "B6CC4C83-4FB9-4344-AFCB-C260659F81DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*", "matchCriteriaId": "CAF763B4-58E3-4868-8C92-47DE3E4E5F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A4FCB77-7FAC-4A4B-851C-2F352B44D3CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*", "matchCriteriaId": "6FEB3923-8F4B-4523-84F9-17D1CFA37F8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*", "matchCriteriaId": "58CD19B4-4BFD-4DE8-B21F-6B6CDE6793C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*", "matchCriteriaId": "7B82BBB7-CD72-4A33-97D4-B1E51A595323", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*", "matchCriteriaId": "6C1D6A40-5DD1-481C-AF85-85705FCE3680", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*", "matchCriteriaId": "DC7125C4-64AF-4A3B-BBD6-1A56660A2D90", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.12.11:*:*:*:*:*:*:*", "matchCriteriaId": "83AE5BA5-09FF-4AF8-B4E8-4D372A208E2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4E0D099-C149-4923-A06C-200A23CEA943", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "01B75BCD-9187-4DB0-903D-5F73429AEE78", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "631A40C3-4266-4516-A586-8341D2C01270", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "F7DB5E2A-0E79-45DF-BD85-FD216A970771", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "D20FAC60-445E-4847-B5DE-8ACDDA55E1CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "9962F81C-A08C-4F8E-A07C-4F4B5C441EA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*", "matchCriteriaId": "A38C234D-EF75-4A96-A0FD-E1DDDADAC1BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files."}], "id": "CVE-2006-1173", "lastModified": "2024-11-21T00:08:14.503", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-06-07T23:06:00.000", "references": [{"source": "cret@cert.org", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"}, {"source": "cret@cert.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"}, {"source": "cret@cert.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"}, {"source": "cret@cert.org", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "cret@cert.org", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "cret@cert.org", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/15779"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20473"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20641"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20650"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20651"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20654"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20673"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20675"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20679"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20683"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20684"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20694"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20726"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20782"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21042"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21160"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21327"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21612"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21647"}, {"source": "cret@cert.org", "url": "http://securitytracker.com/id?1016295"}, {"source": "cret@cert.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"}, {"source": "cret@cert.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"}, {"source": "cret@cert.org", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"}, {"source": "cret@cert.org", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"}, {"source": "cret@cert.org", "url": "http://www.debian.org/security/2006/dsa-1155"}, {"source": "cret@cert.org", "url": "http://www.f-secure.com/security/fsc-2006-5.shtml"}, {"source": "cret@cert.org", "url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"}, {"source": "cret@cert.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"}, {"source": "cret@cert.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/146718"}, {"source": "cret@cert.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"}, {"source": "cret@cert.org", "url": "http://www.openbsd.org/errata38.html#sendmail2"}, {"source": "cret@cert.org", "url": "http://www.osvdb.org/26197"}, {"source": "cret@cert.org", "url": "http://www.redhat.com/support/errata/RHSA-2006-0515.html"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/437928/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/438241/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/438330/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/440744/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"source": "cret@cert.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/18433"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2351"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2388"}, {"source": "cret@cert.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2389"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2390"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2798"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/3135"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"}, {"source": "cret@cert.org", "url": "https://issues.rpath.com/browse/RPL-526"}, {"source": "cret@cert.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/15779"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/20473"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20641"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20650"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20651"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20654"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20673"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20675"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20679"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20683"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20684"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20694"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20726"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/20782"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21042"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21160"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21327"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21612"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/21647"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1016295"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1155"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.f-secure.com/security/fsc-2006-5.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/146718"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:104"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openbsd.org/errata38.html#sendmail2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/26197"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2006-0515.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/437928/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438241/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/438330/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/440744/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/442939/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/18433"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2351"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2388"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/2389"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2390"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2798"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/3135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27128"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-526"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11253"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2006:0515", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "sendmail-0:8.12.11-4.RHEL3.6", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2006-06-14T00:00:00Z"}, {"advisory": "RHSA-2006:0515", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "sendmail-0:8.13.1-3.RHEL4.5", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2006-06-14T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1618028", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618028"}, "csaw": false, "details": ["Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files."], "name": "CVE-2006-1173", "public_date": "2006-06-14T01:06:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2006-1173\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-1173"], "threat_severity": "Important"}

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object