VDB
CVE-2006-1173
CVE-2006-1173
PUBLISHED
CVSS 5 MEDIUM
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.
EPSS 21.46% · 95.8th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
21.46%
95.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| sendmail | sendmail | 8.13.1.2, 0, 8.8.8 |
| n/a | n/a | * |
Timeline
- Jun 7, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Apr 11, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- IY85415 vendor-advisory
- HPSBTU02116 vendor-advisory
- DSA-1155 vendor-advisory
- [3.8] 008: SECURITY FIX: June 15, 2006 vendor-advisory
- 20684 third-party-advisory
- HPSBUX02124 vendor-advisory
- ADV-2006-2388 vdb
- 20726 third-party-advisory
- oval:org.mitre.oval:def:11253 vdb
- ADV-2006-2351 vdb
- 21327 third-party-advisory
- RHSA-2006:0515 vendor-advisory
- ADV-2006-2389 vdb
- 21647 third-party-advisory
- http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html url
- https://issues.rpath.com/browse/RPL-526 url
- 20651 third-party-advisory
- 20683 third-party-advisory
- 20650 third-party-advisory
- http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm url
…and 37 more