CVE-2006-4434

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-4434
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."

7.5 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/21637 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/21641 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/21696 Broken Link Vendor Advisory
http://secunia.com/advisories/21700 Broken Link Vendor Advisory
http://secunia.com/advisories/21749 Broken Link Vendor Advisory
http://secunia.com/advisories/22369 Broken Link Vendor Advisory
http://securitytracker.com/id?1016753 Broken Link Patch Third Party Advisory VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 Broken Link
http://www.attrition.org/pipermail/vim/2006-August/000999.html Mailing List
http://www.debian.org/security/2006/dsa-1164 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2006:156 Broken Link
http://www.novell.com/linux/security/advisories/2006_21_sr.html Broken Link
http://www.openbsd.org/errata.html#sendmail3 Release Notes
http://www.openbsd.org/errata38.html#sendmail3 Third Party Advisory
http://www.osvdb.org/28193 Broken Link
http://www.securityfocus.com/bid/19714 Broken Link Patch Third Party Advisory VDB Entry
http://www.sendmail.org/releases/8.13.8.html Release Notes
http://www.vupen.com/english/advisories/2006/3393 Broken Link Vendor Advisory
http://www.vupen.com/english/advisories/2006/3994 Broken Link Vendor Advisory
http://secunia.com/advisories/21637 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/21641 Broken Link Patch Vendor Advisory
http://secunia.com/advisories/21696 Broken Link Vendor Advisory
http://secunia.com/advisories/21700 Broken Link Vendor Advisory
http://secunia.com/advisories/21749 Broken Link Vendor Advisory
http://secunia.com/advisories/22369 Broken Link Vendor Advisory
http://securitytracker.com/id?1016753 Broken Link Patch Third Party Advisory VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 Broken Link
http://www.attrition.org/pipermail/vim/2006-August/000999.html Mailing List
http://www.debian.org/security/2006/dsa-1164 Broken Link
http://www.mandriva.com/security/advisories?name=MDKSA-2006:156 Broken Link
http://www.novell.com/linux/security/advisories/2006_21_sr.html Broken Link
http://www.openbsd.org/errata.html#sendmail3 Release Notes
http://www.openbsd.org/errata38.html#sendmail3 Third Party Advisory
http://www.osvdb.org/28193 Broken Link
http://www.securityfocus.com/bid/19714 Broken Link Patch Third Party Advisory VDB Entry
http://www.sendmail.org/releases/8.13.8.html Release Notes
http://www.vupen.com/english/advisories/2006/3393 Broken Link Vendor Advisory
http://www.vupen.com/english/advisories/2006/3994 Broken Link Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:15

Type Values Removed Values Added
References () http://secunia.com/advisories/21637 - Broken Link, Patch, Vendor Advisory () http://secunia.com/advisories/21637 - Broken Link, Patch, Vendor Advisory
References () http://secunia.com/advisories/21641 - Broken Link, Patch, Vendor Advisory () http://secunia.com/advisories/21641 - Broken Link, Patch, Vendor Advisory
References () http://secunia.com/advisories/21696 - Broken Link, Vendor Advisory () http://secunia.com/advisories/21696 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/21700 - Broken Link, Vendor Advisory () http://secunia.com/advisories/21700 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/21749 - Broken Link, Vendor Advisory () http://secunia.com/advisories/21749 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/22369 - Broken Link, Vendor Advisory () http://secunia.com/advisories/22369 - Broken Link, Vendor Advisory
References () http://securitytracker.com/id?1016753 - Broken Link, Patch, Third Party Advisory, VDB Entry () http://securitytracker.com/id?1016753 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 - Broken Link () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 - Broken Link
References () http://www.attrition.org/pipermail/vim/2006-August/000999.html - Mailing List () http://www.attrition.org/pipermail/vim/2006-August/000999.html - Mailing List
References () http://www.debian.org/security/2006/dsa-1164 - Broken Link () http://www.debian.org/security/2006/dsa-1164 - Broken Link
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:156 - Broken Link () http://www.mandriva.com/security/advisories?name=MDKSA-2006:156 - Broken Link
References () http://www.novell.com/linux/security/advisories/2006_21_sr.html - Broken Link () http://www.novell.com/linux/security/advisories/2006_21_sr.html - Broken Link
References () http://www.openbsd.org/errata.html#sendmail3 - Release Notes () http://www.openbsd.org/errata.html#sendmail3 - Release Notes
References () http://www.openbsd.org/errata38.html#sendmail3 - Third Party Advisory () http://www.openbsd.org/errata38.html#sendmail3 - Third Party Advisory
References () http://www.osvdb.org/28193 - Broken Link () http://www.osvdb.org/28193 - Broken Link
References () http://www.securityfocus.com/bid/19714 - Broken Link, Patch, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/19714 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () http://www.sendmail.org/releases/8.13.8.html - Release Notes () http://www.sendmail.org/releases/8.13.8.html - Release Notes
References () http://www.vupen.com/english/advisories/2006/3393 - Broken Link, Vendor Advisory () http://www.vupen.com/english/advisories/2006/3393 - Broken Link, Vendor Advisory
References () http://www.vupen.com/english/advisories/2006/3994 - Broken Link, Vendor Advisory () http://www.vupen.com/english/advisories/2006/3994 - Broken Link, Vendor Advisory

15 Feb 2024, 21:20

Type Values Removed Values Added
References () http://secunia.com/advisories/21637 - Patch, Vendor Advisory () http://secunia.com/advisories/21637 - Broken Link, Patch, Vendor Advisory
References () http://secunia.com/advisories/21641 - Patch, Vendor Advisory () http://secunia.com/advisories/21641 - Broken Link, Patch, Vendor Advisory
References () http://secunia.com/advisories/21696 - Vendor Advisory () http://secunia.com/advisories/21696 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/21700 - Vendor Advisory () http://secunia.com/advisories/21700 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/21749 - Vendor Advisory () http://secunia.com/advisories/21749 - Broken Link, Vendor Advisory
References () http://secunia.com/advisories/22369 - Vendor Advisory () http://secunia.com/advisories/22369 - Broken Link, Vendor Advisory
References () http://securitytracker.com/id?1016753 - Patch () http://securitytracker.com/id?1016753 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 - () http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1 - Broken Link
References () http://www.attrition.org/pipermail/vim/2006-August/000999.html - () http://www.attrition.org/pipermail/vim/2006-August/000999.html - Mailing List
References () http://www.debian.org/security/2006/dsa-1164 - () http://www.debian.org/security/2006/dsa-1164 - Broken Link
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:156 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:156 - Broken Link
References () http://www.novell.com/linux/security/advisories/2006_21_sr.html - () http://www.novell.com/linux/security/advisories/2006_21_sr.html - Broken Link
References () http://www.openbsd.org/errata.html#sendmail3 - () http://www.openbsd.org/errata.html#sendmail3 - Release Notes
References () http://www.openbsd.org/errata38.html#sendmail3 - () http://www.openbsd.org/errata38.html#sendmail3 - Third Party Advisory
References () http://www.osvdb.org/28193 - () http://www.osvdb.org/28193 - Broken Link
References () http://www.securityfocus.com/bid/19714 - Patch () http://www.securityfocus.com/bid/19714 - Broken Link, Patch, Third Party Advisory, VDB Entry
References () http://www.sendmail.org/releases/8.13.8.html - Patch () http://www.sendmail.org/releases/8.13.8.html - Release Notes
References () http://www.vupen.com/english/advisories/2006/3393 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/3393 - Broken Link, Vendor Advisory
References () http://www.vupen.com/english/advisories/2006/3994 - Vendor Advisory () http://www.vupen.com/english/advisories/2006/3994 - Broken Link, Vendor Advisory
CPE cpe:2.3:a:sendmail:sendmail:8.12.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta5:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:5.65:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.8.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.10:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:4.55:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta16:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.8:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta12:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.5:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:5.59:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:5.61:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.6:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta7:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.10.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.9:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.2:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12.11:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.3:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:4.1:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.9.0:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.7:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.12:beta10:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.4:*:*:*:*:*:*:*
cpe:2.3:a:sendmail:sendmail:8.11.0:*:*:*:*:*:*:*		 cpe:2.3:a:sendmail:sendmail:*:*:*:*:*:*:*:*
CVSS v2 : 5.0
v3 : unknown 		v2 : 5.0
v3 : 7.5
CWE CWE-399 CWE-416
Information

Published : 2006-08-29 00:04

Updated : 2024-11-21 00:15

NVD link : CVE-2006-4434

Mitre link : CVE-2006-4434

CVE.ORG link : CVE-2006-4434

JSON object : View

Products Affected

sendmail

  • sendmail
CWE
CWE-416

Use After Free