CVE-2006-1173 : Dettaglio

CVE-2006-1173

21.46%V4
Network
2006-06-08
03h00 +00:00
2024-08-07
17h03 +00:00
CVE.org
NVD
Notifiche per una CVE specifica
Rimani informato su qualsiasi modifica relativa a una CVE specifica.
Gestione notifiche

Descrizioni CVE

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

Informazioni CVE

Vulnerabilità correlate

CWE-ID Nome della vulnerabilità Source
CWE-399 Category : Resource Management Errors
Weaknesses in this category are related to improper management of system resources.

Metriche

Metriche Punteggio Gravità CVSS Vettore Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

EPSS è un modello di punteggio che prevede la probabilità che una vulnerabilità venga sfruttata.

Punteggio EPSS

Il modello EPSS produce un punteggio di probabilità compreso tra 0 e 1 (da 0 a 100%). Più alto è il punteggio, maggiore è la probabilità che una vulnerabilità venga sfruttata.

Percentile EPSS

Il percentile viene utilizzato per classificare le CVE in base al loro punteggio EPSS. Ad esempio, una CVE al 95° percentile secondo il suo punteggio EPSS ha una probabilità maggiore di essere sfruttata rispetto al 95% delle altre CVE. Il percentile consente quindi di confrontare il punteggio EPSS di una CVE con quello delle altre.
EPSS First.org

Products Mentioned

Configuraton 0

Sendmail>>Sendmail >> Version To (including) 8.13.6

Sendmail>>Sendmail >> Version 8.8.8

Sendmail>>Sendmail >> Version 8.9.0

Sendmail>>Sendmail >> Version 8.9.1

Sendmail>>Sendmail >> Version 8.9.2

Sendmail>>Sendmail >> Version 8.9.3

Sendmail>>Sendmail >> Version 8.10

Sendmail>>Sendmail >> Version 8.10.1

Sendmail>>Sendmail >> Version 8.10.2

Sendmail>>Sendmail >> Version 8.11.0

Sendmail>>Sendmail >> Version 8.11.1

Sendmail>>Sendmail >> Version 8.11.2

Sendmail>>Sendmail >> Version 8.11.3

Sendmail>>Sendmail >> Version 8.11.4

Sendmail>>Sendmail >> Version 8.11.5

Sendmail>>Sendmail >> Version 8.11.6

Sendmail>>Sendmail >> Version 8.11.7

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12.0

Sendmail>>Sendmail >> Version 8.12.1

Sendmail>>Sendmail >> Version 8.12.2

Sendmail>>Sendmail >> Version 8.12.3

Sendmail>>Sendmail >> Version 8.12.4

Sendmail>>Sendmail >> Version 8.12.5

Sendmail>>Sendmail >> Version 8.12.6

Sendmail>>Sendmail >> Version 8.12.7

Sendmail>>Sendmail >> Version 8.12.8

Sendmail>>Sendmail >> Version 8.12.9

Sendmail>>Sendmail >> Version 8.12.10

Sendmail>>Sendmail >> Version 8.12.11

Sendmail>>Sendmail >> Version 8.13.0

Sendmail>>Sendmail >> Version 8.13.1

Sendmail>>Sendmail >> Version 8.13.1.2

Sendmail>>Sendmail >> Version 8.13.2

Sendmail>>Sendmail >> Version 8.13.3

Sendmail>>Sendmail >> Version 8.13.4

Sendmail>>Sendmail >> Version 8.13.5

Riferimenti

http://www.debian.org/security/2006/dsa-1155
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.openbsd.org/errata38.html#sendmail2
Tags : vendor-advisory, x_refsource_OPENBSD
http://secunia.com/advisories/20684
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2388
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/20726
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2351
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/21327
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0515.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2006/2389
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/21647
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20651
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20683
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20650
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20782
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/3135
Tags : vdb-entry, x_refsource_VUPEN
http://securitytracker.com/id?1016295
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/20694
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20473
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2189
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/2798
Tags : vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:104
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/20673
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21612
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20654
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2390
Tags : vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/18433
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/20675
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/146718
Tags : third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/15779
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20641
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20679
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/26197
Tags : vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/21042
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21160
Tags : third-party-advisory, x_refsource_SECUNIA
Le informazioni presentate su CVE Find provengono da diverse fonti di riferimento attentamente selezionate. I dati CVE sono forniti da MITRE Corporation e dal National Vulnerability Database (NVD). Il catalogo delle vulnerabilità sfruttate conosciute (KEV) proviene dalla Cybersecurity and Infrastructure Security Agency (CISA), mentre i punteggi EPSS provengono da FIRST.org. Inoltre, i dati relativi alle vulnerabilità software (CWE) e ai pattern di attacco comuni (CAPEC) sono mantenuti da MITRE Corporation, e le informazioni sulle configurazioni hardware e software (CPE) sono fornite da NVD.