CVE-2006-1173 : Detail

CVE-2006-1173

21.46%V4
Network
2006-06-08
03h00 +00:00
2024-08-07
17h03 +00:00
CVE.org
NVD
Meldingen voor een CVE
Blijf op de hoogte van wijzigingen voor een specifieke CVE.
Meldingen beheren

CVE-beschrijvingen

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

CVE-informatie

Gerelateerde zwakheden

CWE-ID Zwakheidsnaam Source
CWE-399 Category : Resource Management Errors
Weaknesses in this category are related to improper management of system resources.

Metriek

Metriek Score Ernst CVSS Vector Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

EPSS is een scoremodel dat de kans voorspelt dat een kwetsbaarheid wordt uitgebuit.

EPSS-score

Het EPSS-model produceert een kans score tussen 0 en 1 (0 en 100%). Hoe hoger de score, hoe groter de kans dat een kwetsbaarheid wordt uitgebuit.

EPSS-percentiel

Het percentiel wordt gebruikt om CVE's te rangschikken op basis van hun EPSS-score. Een CVE in het 95e percentiel heeft bijvoorbeeld een grotere kans om te worden uitgebuit dan 95% van de andere CVE's. Het percentiel wordt dus gebruikt om de EPSS-score van een CVE te vergelijken met die van andere CVE's.
EPSS First.org

Products Mentioned

Configuraton 0

Sendmail>>Sendmail >> Version To (including) 8.13.6

Sendmail>>Sendmail >> Version 8.8.8

Sendmail>>Sendmail >> Version 8.9.0

Sendmail>>Sendmail >> Version 8.9.1

Sendmail>>Sendmail >> Version 8.9.2

Sendmail>>Sendmail >> Version 8.9.3

Sendmail>>Sendmail >> Version 8.10

Sendmail>>Sendmail >> Version 8.10.1

Sendmail>>Sendmail >> Version 8.10.2

Sendmail>>Sendmail >> Version 8.11.0

Sendmail>>Sendmail >> Version 8.11.1

Sendmail>>Sendmail >> Version 8.11.2

Sendmail>>Sendmail >> Version 8.11.3

Sendmail>>Sendmail >> Version 8.11.4

Sendmail>>Sendmail >> Version 8.11.5

Sendmail>>Sendmail >> Version 8.11.6

Sendmail>>Sendmail >> Version 8.11.7

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12

Sendmail>>Sendmail >> Version 8.12.0

Sendmail>>Sendmail >> Version 8.12.1

Sendmail>>Sendmail >> Version 8.12.2

Sendmail>>Sendmail >> Version 8.12.3

Sendmail>>Sendmail >> Version 8.12.4

Sendmail>>Sendmail >> Version 8.12.5

Sendmail>>Sendmail >> Version 8.12.6

Sendmail>>Sendmail >> Version 8.12.7

Sendmail>>Sendmail >> Version 8.12.8

Sendmail>>Sendmail >> Version 8.12.9

Sendmail>>Sendmail >> Version 8.12.10

Sendmail>>Sendmail >> Version 8.12.11

Sendmail>>Sendmail >> Version 8.13.0

Sendmail>>Sendmail >> Version 8.13.1

Sendmail>>Sendmail >> Version 8.13.1.2

Sendmail>>Sendmail >> Version 8.13.2

Sendmail>>Sendmail >> Version 8.13.3

Sendmail>>Sendmail >> Version 8.13.4

Sendmail>>Sendmail >> Version 8.13.5

Referenties

http://www.debian.org/security/2006/dsa-1155
Tags : vendor-advisory, x_refsource_DEBIAN
http://www.openbsd.org/errata38.html#sendmail2
Tags : vendor-advisory, x_refsource_OPENBSD
http://secunia.com/advisories/20684
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2388
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/20726
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2351
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/21327
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0515.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.vupen.com/english/advisories/2006/2389
Tags : vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/21647
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20651
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20683
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20650
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20782
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/3135
Tags : vdb-entry, x_refsource_VUPEN
http://securitytracker.com/id?1016295
Tags : vdb-entry, x_refsource_SECTRACK
http://secunia.com/advisories/20694
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20473
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2189
Tags : vdb-entry, x_refsource_VUPEN
http://www.vupen.com/english/advisories/2006/2798
Tags : vdb-entry, x_refsource_VUPEN
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1
Tags : vendor-advisory, x_refsource_SUNALERT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:104
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/20673
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21612
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20654
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/2390
Tags : vdb-entry, x_refsource_VUPEN
http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://www.securityfocus.com/bid/18433
Tags : vdb-entry, x_refsource_BID
http://secunia.com/advisories/20675
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/146718
Tags : third-party-advisory, x_refsource_CERT-VN
http://secunia.com/advisories/15779
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20641
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/20679
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/26197
Tags : vdb-entry, x_refsource_OSVDB
http://secunia.com/advisories/21042
Tags : third-party-advisory, x_refsource_SECUNIA
http://secunia.com/advisories/21160
Tags : third-party-advisory, x_refsource_SECUNIA
De informatie die op CVE Find wordt gepresenteerd, is afkomstig van verschillende zorgvuldig geselecteerde referentiebronnen. CVE-gegevens worden geleverd door MITRE Corporation en de National Vulnerability Database (NVD). De Known Exploited Vulnerabilities (KEV)-catalogus is afkomstig van de Cybersecurity and Infrastructure Security Agency (CISA), terwijl EPSS-scores afkomstig zijn van FIRST.org. Daarnaast worden gegevens over softwarezwakheden (CWE) en veelvoorkomende aanvalspatronen (CAPEC) bijgehouden door MITRE Corporation, en informatie over hardware- en softwareconfiguraties (CPE) wordt geleverd door de NVD.