[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-4434Date: (C)2006-08-28   (M)2024-02-23


Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 7.5CVSS Score : 5.0
Exploit Score: 3.9Exploit Score: 10.0
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: LOW
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: NONEAvailability: PARTIAL
Integrity: NONE 
Availability: HIGH 
  
Reference:
SECTRACK-1016753
SUNALERT-102664
BID-19714
http://www.attrition.org/pipermail/vim/2006-August/000999.html
SECUNIA-21637
SECUNIA-21641
SECUNIA-21696
SECUNIA-21700
SECUNIA-21749
SECUNIA-22369
OSVDB-28193
ADV-2006-3393
ADV-2006-3994
DSA-1164
MDKSA-2006:156
SUSE-SR:2006:021
http://www.openbsd.org/errata38.html#sendmail3
http://www.openbsd.org/errata.html#sendmail3
http://www.sendmail.org/releases/8.13.8.html

CWE    1
CWE-416

© SecPod Technologies