Launchpad.net

CVE 2006-1173

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

See the

CVE page on Mitre.org for more details.

References

HP: HPSBTU02116
HP: SSRT061135
CERT-VN: VU#146718
SECUNIA: 20473
CONFIRM: http://www.sendmail.co...
REDHAT: RHSA-2006:0515
SUNALERT: 102460
BID: 18433
SECTRACK: 1016295
SECUNIA: 15779
CONFIRM: http://www.fortinet.co...
FREEBSD: FreeBSD-SA-06:17.sendmail
GENTOO: GLSA-200606-19
OPENBSD: [3.8] 008: SECURITY FI...
SGI: 20060601-01-P
SUSE: SUSE-SA:2006:032
SECUNIA: 20641
SECUNIA: 20650
SECUNIA: 20651
SECUNIA: 20654
SECUNIA: 20673
SECUNIA: 20675
SECUNIA: 20679
SECUNIA: 20683
SECUNIA: 20684
SECUNIA: 20694
SGI: 20060602-01-U
SECUNIA: 20726
SECUNIA: 20782
CONFIRM: http://www.f-secure.co...
SECUNIA: 21042
CONFIRM: https://issues.rpath.c...
SECUNIA: 21160
SECUNIA: 21327
DEBIAN: DSA-1155
SECUNIA: 21612
CONFIRM: http://support.avaya.c...
OSVDB: 26197
SECUNIA: 21647
MANDRIVA: MDKSA-2006:104
VUPEN: ADV-2006-2189
VUPEN: ADV-2006-2351
VUPEN: ADV-2006-2388
VUPEN: ADV-2006-2389
VUPEN: ADV-2006-2390
VUPEN: ADV-2006-2798
VUPEN: ADV-2006-3135
AIXAPAR: IY85415
AIXAPAR: IY85930
SLACKWARE: SSA:2006-166-01
XF: sendmail-multipart-mim...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20060620 Sendmail MIME...
BUGTRAQ: 20060621 Re: Sendmail ...
BUGTRAQ: 20060624 Re: Sendmail ...
BUGTRAQ: 20060721 rPSA-2006-013...
HP: HPSBUX02124
HP: SSRT061159

Launchpad.net

CVE 2006-1173

Related bugs

References