National Cyber-Alert System
Vulnerability Summary for CVE-2006-4434
Original release date:08/29/2006
Last revised:09/05/2008
Source:
US-CERT/NIST
Overview
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."
Impact
CVSS Severity (version 2.0):
Impact Subscore:
2.9
Exploitability Subscore:
10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type:Allows disruption of serviceUnknown
- Official Statement from Red Hat (08/30/2006)
-
This flaw causes a crash but does not result in a denial of service against Sendmail and is therefore not a security issue.
References to Advisories, Solutions, and Tools
By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.
External Source: CONFIRM
Name: http://www.sendmail.org/releases/8.13.8.html
Type: Patch Information
External Source: BID
Name: 19714
Type: Patch Information
External Source: SECTRACK
Name: 1016753
Type: Patch Information
External Source: SECUNIA
Name: 21641
Type: Advisory; Patch Information
External Source: SECUNIA
Name: 21637
Type: Advisory; Patch Information
External Source: OPENBSD
Name: [3.8] 20060825 010: SECURITY FIX: August 25, 2006
External Source: OPENBSD
Name: [3.9] 20060825 005: SECURITY FIX: August 25, 2006
External Source: DEBIAN
Name: DSA-1164
External Source: VIM
Name: 20060829 Sendmail vendor dispute - CVE-2006-4434 (fwd)
External Source: SECUNIA
Name: 21700
External Source: SECUNIA
Name: 21696
External Source: MANDRIVA
Name: MDKSA-2006:156
External Source: OSVDB
Name: 28193
External Source: SUSE
Name: SUSE-SR:2006:021
External Source: MANDRIVA
Name: MDKSA-2006:156
External Source: VUPEN
Name: ADV-2006-3994
External Source: VUPEN
Name: ADV-2006-3393
External Source: SUNALERT
Name: 102664
External Source: SECUNIA
Name: 22369
External Source: SECUNIA
Name: 21749