FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-1173

This CVE name corresponds to:

Entered Topic
2006-06-14 sendmail -- Incorrect multipart message handling

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2006-1173 at cve.mitre.org

Details

Type Candidate
Name CVE-2006-1173
Phase Assigned(20060312)

Description

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

References

Source Reference
BUGTRAQ 20060620 Sendmail MIME DoS vulnerability
BUGTRAQ 20060621 Re: Sendmail MIME DoS vulnerability
BUGTRAQ 20060624 Re: Sendmail MIME DoS vulnerability
BUGTRAQ 20060721 rPSA-2006-0134-1 sendmail sendmail-cf
CONFIRM http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
CONFIRM http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html
CONFIRM http://www.f-secure.com/security/fsc-2006-5.shtml
CONFIRM https://issues.rpath.com/browse/RPL-526
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm
AIXAPAR IY85415
AIXAPAR IY85930
DEBIAN DSA-1155
FREEBSD FreeBSD-SA-06:17.sendmail
GENTOO GLSA-200606-19
HP HPSBTU02116
HP SSRT061135
HP HPSBUX02124
HP SSRT061159
MANDRIVA MDKSA-2006:104
OPENBSD [3.8] 008: SECURITY FIX: June 15, 2006
REDHAT RHSA-2006:0515
SGI 20060601-01-P
SGI 20060602-01-U
SLACKWARE SSA:2006-166-01
SUNALERT 102460
SUSE SUSE-SA:2006:032
CERT-VN VU#146718
BID 18433
OVAL oval:org.mitre.oval:def:11253
VUPEN ADV-2006-2189
VUPEN ADV-2006-2351
VUPEN ADV-2006-2388
VUPEN ADV-2006-2389
VUPEN ADV-2006-2390
VUPEN ADV-2006-2798
VUPEN ADV-2006-3135
OSVDB 26197
SECTRACK 1016295
SECUNIA 15779
SECUNIA 20473
SECUNIA 20641
SECUNIA 20650
SECUNIA 20651
SECUNIA 20654
SECUNIA 20673
SECUNIA 20675
SECUNIA 20679
SECUNIA 20683
SECUNIA 20684
SECUNIA 20694
SECUNIA 20726
SECUNIA 20782
SECUNIA 21042
SECUNIA 21160
SECUNIA 21327
SECUNIA 21612
SECUNIA 21647
XF sendmail-multipart-mime-dos(27128)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.