CVE-2006-4434
CVE-2006-4434 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)..." EPSS estimates a 4.33% chance of exploitation in the next 30 days.
Description
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or reception is affected."
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sendmail | Sendmail | < 8.13.8 |
References
- http://secunia.com/advisories/21637 (Broken Link, Patch, Vendor Advisory)
- http://secunia.com/advisories/21641 (Broken Link, Patch, Vendor Advisory)
- http://secunia.com/advisories/21696 (Broken Link, Vendor Advisory)
- http://secunia.com/advisories/21700 (Broken Link, Vendor Advisory)
- http://secunia.com/advisories/21749 (Broken Link, Vendor Advisory)
- http://secunia.com/advisories/22369 (Broken Link, Vendor Advisory)
- http://securitytracker.com/id?1016753 (Broken Link, Patch, Third Party Advisory, VDB Entry)
- http://www.debian.org/security/2006/dsa-1164 (Broken Link)
- http://www.openbsd.org/errata.html#sendmail3 (Release Notes)
- http://www.openbsd.org/errata38.html#sendmail3 (Third Party Advisory)
- http://www.osvdb.org/28193 (Broken Link)
- http://www.securityfocus.com/bid/19714 (Broken Link, Patch, Third Party Advisory, VDB Entry)
- http://www.sendmail.org/releases/8.13.8.html (Release Notes)
- http://www.vupen.com/english/advisories/2006/3393 (Broken Link, Vendor Advisory)
- http://www.vupen.com/english/advisories/2006/3994 (Broken Link, Vendor Advisory)
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-4434?
How severe is CVE-2006-4434?
How do I fix CVE-2006-4434?
Are you affected by CVE-2006-4434?
Source: NVD / NIST
