CVE-2006-1173

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

Affected Software

Name	Vendor	Start Version	End Version
Sendmail	Sendmail	8.9.2	8.9.2
Sendmail	Sendmail	8.12.11	8.12.11
Sendmail	Sendmail	8.11.4	8.11.4
Sendmail	Sendmail	*	8.13.6
Sendmail	Sendmail	8.13.4	8.13.4
Sendmail	Sendmail	8.8.8	8.8.8
Sendmail	Sendmail	8.11.7	8.11.7
Sendmail	Sendmail	8.13.1	8.13.1
Sendmail	Sendmail	8.12	8.12
Sendmail	Sendmail	8.11.1	8.11.1
Sendmail	Sendmail	8.11.0	8.11.0
Sendmail	Sendmail	8.13.5	8.13.5
Sendmail	Sendmail	8.12.3	8.12.3
Sendmail	Sendmail	8.11.3	8.11.3
Sendmail	Sendmail	8.12.8	8.12.8
Sendmail	Sendmail	8.12.9	8.12.9
Sendmail	Sendmail	8.9.1	8.9.1
Sendmail	Sendmail	8.10.2	8.10.2
Sendmail	Sendmail	8.12.4	8.12.4
Sendmail	Sendmail	8.12	8.12
Sendmail	Sendmail	8.9.0	8.9.0
Sendmail	Sendmail	8.10.1	8.10.1
Sendmail	Sendmail	8.12.1	8.12.1
Sendmail	Sendmail	8.11.6	8.11.6
Sendmail	Sendmail	8.12.5	8.12.5
Sendmail	Sendmail	8.13.1.2	8.13.1.2
Sendmail	Sendmail	8.10	8.10
Sendmail	Sendmail	8.12	8.12
Sendmail	Sendmail	8.9.3	8.9.3
Sendmail	Sendmail	8.12.0	8.12.0
Sendmail	Sendmail	8.12	8.12
Sendmail	Sendmail	8.12.6	8.12.6
Sendmail	Sendmail	8.12	8.12
Sendmail	Sendmail	8.12.2	8.12.2
Sendmail	Sendmail	8.11.2	8.11.2
Sendmail	Sendmail	8.13.0	8.13.0
Sendmail	Sendmail	8.12.7	8.12.7
Sendmail	Sendmail	8.12.10	8.12.10
Sendmail	Sendmail	8.11.5	8.11.5
Sendmail	Sendmail	8.13.3	8.13.3
Sendmail	Sendmail	8.13.2	8.13.2

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1173
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References