CVE-2006-1173
Severity Score
7.5
*CVSS v3
Exploit Likelihood
21.9%
*EPSS
Affected Versions
41
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-03-12 CVE Reserved
- 2006-06-07 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (58)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1016295 | Vdb Entry | |
| http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm | X_refsource_confirm | |
| http://www.f-secure.com/security/fsc-2006-5.shtml | X_refsource_confirm | |
| http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html | X_refsource_confirm | |
| http://www.kb.cert.org/vuls/id/146718 | Third Party Advisory |
|
| http://www.osvdb.org/26197 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/437928/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/438241/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/438330/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/440744/100/0/threaded | Mailing List |
1 - 10 of 19
| URL | Date | SRC |
|---|