Podatność CVE-2006-4434


Publikacja: 2006-08-28   Modyfikacja: 2012-02-12

Opis:
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."

Typ:

CWE-399

(Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
5/10
2.9/10
10/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Brak
Brak
Częściowy
Affected software
Sendmail -> Sendmail 

 Referencje:
http://www.sendmail.org/releases/8.13.8.html
http://www.securityfocus.com/bid/19714
http://securitytracker.com/id?1016753
http://secunia.com/advisories/21641
http://secunia.com/advisories/21637
http://www.vupen.com/english/advisories/2006/3994
http://www.vupen.com/english/advisories/2006/3393
http://www.osvdb.org/28193
http://www.openbsd.org/errata38.html#sendmail3
http://www.openbsd.org/errata.html#sendmail3
http://www.novell.com/linux/security/advisories/2006_21_sr.html
http://www.mandriva.com/security/advisories?name=MDKSA-2006:156
http://www.debian.org/security/2006/dsa-1164
http://www.attrition.org/pipermail/vim/2006-August/000999.html
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1
http://secunia.com/advisories/22369
http://secunia.com/advisories/21749
http://secunia.com/advisories/21700
http://secunia.com/advisories/21696

Copyright 2024, cxsecurity.com

 

Back to Top