Vulnerability Description
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sendmail | Sendmail | <= 8.13.6 |
Related Weaknesses (CWE)
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc
- ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P
- ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
- http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635
- http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html
- http://secunia.com/advisories/15779PatchVendor Advisory
- http://secunia.com/advisories/20473PatchVendor Advisory
- http://secunia.com/advisories/20641Vendor Advisory
- http://secunia.com/advisories/20650Vendor Advisory
- http://secunia.com/advisories/20651Vendor Advisory
- http://secunia.com/advisories/20654Vendor Advisory
- http://secunia.com/advisories/20673Vendor Advisory
- http://secunia.com/advisories/20675Vendor Advisory
- http://secunia.com/advisories/20679Vendor Advisory
- http://secunia.com/advisories/20683Vendor Advisory
FAQ
What is CVE-2006-1173?
CVE-2006-1173 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for perfo...
How severe is CVE-2006-1173?
CVE-2006-1173 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1173?
Check the references section above for vendor advisories and patch information. Affected products include: Sendmail Sendmail.