CVE-2006-1173
CVSS 5.0
Published: 2006-06-07 19:06:00
Revised: 2011-05-13 00:00:00

[Original] Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.


[CNNVD] Sendmail MIME Message Remote Denial of Service Vulnerability (CNNVD-200606-168)

         Sendmail is a mail transfer agent (MTA) used by many large sites.
         Sendmail's recursive mime8to7() function has a denial of service vulnerability when performing MIME conversion; a remote attacker could exploit it to cause a denial of service in Sendmail. If an attacker sends a deeply nested, malformed MIME message, Sendmail exhausts its stack space while processing that message and can no longer deliver the messages in its queue.

- CVSS (base score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on system confidentiality]
Integrity impact: NONE [no impact on system integrity]
Availability impact: PARTIAL [may degrade performance or interrupt access to resources]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: [--]
Authentication: NONE [no authentication required for exploitation]

- CWE (weakness category)

CWE-399 [Resource Management Errors]

- CPE (affected platforms and products)

cpe:/a:sendmail:sendmail:8.11.6  Sendmail Sendmail 8.11.6
cpe:/a:sendmail:sendmail:8.13.1  Sendmail Sendmail 8.13.1
cpe:/a:sendmail:sendmail:8.11.1  Sendmail Sendmail 8.11.1
cpe:/a:sendmail:sendmail:8.12:beta12  Sendmail Sendmail 8.12 Beta12
cpe:/a:sendmail:sendmail:8.12:beta16  Sendmail Sendmail 8.12 Beta16
cpe:/a:sendmail:sendmail:8.12.5  Sendmail Sendmail 8.12.5
cpe:/a:sendmail:sendmail:8.9.3  Sendmail Sendmail 8.9.3
cpe:/a:sendmail:sendmail:8.12:beta5  Sendmail Sendmail 8.12 Beta5
cpe:/a:sendmail:sendmail:8.12.1  Sendmail Sendmail 8.12.1
cpe:/a:sendmail:sendmail:8.12.11  Sendmail Sendmail 8.12.11
cpe:/a:sendmail:sendmail:8.13.1.2  Sendmail Sendmail 8.13.1.2
cpe:/a:sendmail:sendmail:8.11.7  Sendmail Sendmail 8.11.7
cpe:/a:sendmail:sendmail:8.12.6  Sendmail Sendmail 8.12.6
cpe:/a:sendmail:sendmail:8.9.1  Sendmail Sendmail 8.9.1
cpe:/a:sendmail:sendmail:8.8.8  Sendmail Sendmail 8.8.8
cpe:/a:sendmail:sendmail:8.12:beta10  Sendmail Sendmail 8.12 Beta10
cpe:/a:sendmail:sendmail:8.13.6  Sendmail Sendmail 8.13.6
cpe:/a:sendmail:sendmail:8.12.9  Sendmail Sendmail 8.12.9
cpe:/a:sendmail:sendmail:8.12.2  Sendmail Sendmail 8.12.2
cpe:/a:sendmail:sendmail:8.9.0  Sendmail Sendmail 8.9.0
cpe:/a:sendmail:sendmail:8.11.5  Sendmail Sendmail 8.11.5
cpe:/a:sendmail:sendmail:8.11.0  Sendmail Sendmail 8.11
cpe:/a:sendmail:sendmail:8.10  Sendmail Sendmail 8.10
cpe:/a:sendmail:sendmail:8.11.4  Sendmail Sendmail 8.11.4
cpe:/a:sendmail:sendmail:8.12.10  Sendmail Sendmail 8.12.10
cpe:/a:sendmail:sendmail:8.11.2  Sendmail Sendmail 8.11.2
cpe:/a:sendmail:sendmail:8.12.7  Sendmail Sendmail 8.12.7
cpe:/a:sendmail:sendmail:8.9.2  Sendmail Sendmail 8.9.2
cpe:/a:sendmail:sendmail:8.10.1  Sendmail Sendmail 8.10.1
cpe:/a:sendmail:sendmail:8.11.3  Sendmail Sendmail 8.11.3
cpe:/a:sendmail:sendmail:8.12:beta7  Sendmail Sendmail 8.12 beta7
cpe:/a:sendmail:sendmail:8.12.0  Sendmail Sendmail 8.12.0
cpe:/a:sendmail:sendmail:8.13.5  Sendmail Sendmail 8.13.5
cpe:/a:sendmail:sendmail:8.12.3  Sendmail Sendmail 8.12.3
cpe:/a:sendmail:sendmail:8.12.4  Sendmail Sendmail 8.12.4
cpe:/a:sendmail:sendmail:8.13.4  Sendmail Sendmail 8.13.4
cpe:/a:sendmail:sendmail:8.13.0  Sendmail Sendmail 8.13.0
cpe:/a:sendmail:sendmail:8.13.3  Sendmail Sendmail 8.13.3
cpe:/a:sendmail:sendmail:8.13.2  Sendmail Sendmail 8.13.2
cpe:/a:sendmail:sendmail:8.12.8  Sendmail Sendmail 8.12.8
cpe:/a:sendmail:sendmail:8.10.2  Sendmail Sendmail 8.10.2

- OVAL (technical details for detection)

oval:org.mitre.oval:def:11253  Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaus...
*OVAL describes the method for detecting this vulnerability in detail; see the referenced OVAL definition for more technical details on detecting it.

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
(official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1173
(official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200606-168
(official data source) CNNVD

- Other links and resources

http://www.kb.cert.org/vuls/id/146718
(VENDOR_ADVISORY)  CERT-VN  VU#146718
http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
(VENDOR_ADVISORY)  CONFIRM  http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
http://www.securityfocus.com/bid/18433
(PATCH)  BID  18433
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102460-1
(VENDOR_ADVISORY)  SUNALERT  102460
http://secunia.com/advisories/20473
(VENDOR_ADVISORY)  SECUNIA  20473
http://secunia.com/advisories/15779
(VENDOR_ADVISORY)  SECUNIA  15779
https://issues.rpath.com/browse/RPL-526
(UNKNOWN)  CONFIRM  https://issues.rpath.com/browse/RPL-526
http://xforce.iss.net/xforce/xfdb/27128
(UNKNOWN)  XF  sendmail-multipart-mime-dos(27128)
http://www.vupen.com/english/advisories/2006/3135
(UNKNOWN)  VUPEN  ADV-2006-3135
http://www.vupen.com/english/advisories/2006/2798
(UNKNOWN)  VUPEN  ADV-2006-2798
http://www.vupen.com/english/advisories/2006/2390
(UNKNOWN)  VUPEN  ADV-2006-2390
http://www.vupen.com/english/advisories/2006/2389
(VENDOR_ADVISORY)  VUPEN  ADV-2006-2389
http://www.vupen.com/english/advisories/2006/2388
(UNKNOWN)  VUPEN  ADV-2006-2388
http://www.vupen.com/english/advisories/2006/2351
(UNKNOWN)  VUPEN  ADV-2006-2351
http://www.vupen.com/english/advisories/2006/2189
(UNKNOWN)  VUPEN  ADV-2006-2189
http://www.securityfocus.com/archive/1/archive/1/442939/100/0/threaded
(UNKNOWN)  HP  HPSBUX02124
http://www.securityfocus.com/archive/1/archive/1/442939/100/0/threaded
(UNKNOWN)  HP  SSRT061159
http://www.securityfocus.com/archive/1/archive/1/440744/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060721 rPSA-2006-0134-1 sendmail sendmail-cf
http://www.securityfocus.com/archive/1/archive/1/438330/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060624 Re: Sendmail MIME DoS vulnerability
http://www.securityfocus.com/archive/1/archive/1/438241/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060621 Re: Sendmail MIME DoS vulnerability
http://www.securityfocus.com/archive/1/archive/1/437928/100/0/threaded
(UNKNOWN)  BUGTRAQ  20060620 Sendmail MIME DoS vulnerability
http://www.redhat.com/support/errata/RHSA-2006-0515.html
(UNKNOWN)  REDHAT  RHSA-2006:0515
http://www.osvdb.org/26197
(UNKNOWN)  OSVDB  26197
http://www.openbsd.org/errata38.html#sendmail2
(UNKNOWN)  OPENBSD  [3.8] 008: SECURITY FIX: June 15, 2006
http://www.mandriva.com/security/advisories?name=MDKSA-2006:104
(UNKNOWN)  MANDRIVA  MDKSA-2006:104
http://www.gentoo.org/security/en/glsa/glsa-200606-19.xml
(UNKNOWN)  GENTOO  GLSA-200606-19
http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html
(UNKNOWN)  CONFIRM  http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-18.html
http://www.f-secure.com/security/fsc-2006-5.shtml
(UNKNOWN)  CONFIRM  http://www.f-secure.com/security/fsc-2006-5.shtml
http://www.debian.org/security/2006/dsa-1155
(UNKNOWN)  DEBIAN  DSA-1155
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85930&apar=only
(UNKNOWN)  AIXAPAR  IY85930
http://www-1.ibm.com/support/search.wss?rs=0&q=IY85415&apar=only
(UNKNOWN)  AIXAPAR  IY85415
http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm
(UNKNOWN)  CONFIRM  http://support.avaya.com/elmodocs2/security/ASA-2006-148.htm
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.631382
(UNKNOWN)  SLACKWARE  SSA:2006-166-01
http://securitytracker.com/id?1016295
(UNKNOWN)  SECTRACK  1016295
http://secunia.com/advisories/21647
(VENDOR_ADVISORY)  SECUNIA  21647
http://secunia.com/advisories/21612
(VENDOR_ADVISORY)  SECUNIA  21612
http://secunia.com/advisories/21327
(VENDOR_ADVISORY)  SECUNIA  21327
http://secunia.com/advisories/21160
(VENDOR_ADVISORY)  SECUNIA  21160
http://secunia.com/advisories/21042
(VENDOR_ADVISORY)  SECUNIA  21042
http://secunia.com/advisories/20782
(VENDOR_ADVISORY)  SECUNIA  20782
http://secunia.com/advisories/20726
(VENDOR_ADVISORY)  SECUNIA  20726
http://secunia.com/advisories/20694
(VENDOR_ADVISORY)  SECUNIA  20694
http://secunia.com/advisories/20684
(VENDOR_ADVISORY)  SECUNIA  20684
http://secunia.com/advisories/20683
(VENDOR_ADVISORY)  SECUNIA  20683
http://secunia.com/advisories/20679
(VENDOR_ADVISORY)  SECUNIA  20679
http://secunia.com/advisories/20675
(VENDOR_ADVISORY)  SECUNIA  20675
http://secunia.com/advisories/20673
(VENDOR_ADVISORY)  SECUNIA  20673
http://secunia.com/advisories/20654
(VENDOR_ADVISORY)  SECUNIA  20654
http://secunia.com/advisories/20651
(VENDOR_ADVISORY)  SECUNIA  20651
http://secunia.com/advisories/20650
(VENDOR_ADVISORY)  SECUNIA  20650
http://secunia.com/advisories/20641
(VENDOR_ADVISORY)  SECUNIA  20641
http://lists.suse.com/archive/suse-security-announce/2006-Jun/0006.html
(UNKNOWN)  SUSE  SUSE-SA:2006:032
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635
(UNKNOWN)  HP  SSRT061135
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635
(UNKNOWN)  HP  HPSBTU02116
ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
(UNKNOWN)  SGI  20060602-01-U
ftp://patches.sgi.com/support/free/security/advisories/20060601-01-P
(UNKNOWN)  SGI  20060601-01-P
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc
(UNKNOWN)  FREEBSD  FreeBSD-SA-06:17.sendmail

- Vulnerability information

Sendmail MIME Message Remote Denial of Service Vulnerability
Medium  Other
2006-06-07 00:00:00 2006-06-19 00:00:00
Remote
         Sendmail is a mail transfer agent (MTA) used by many large sites.
         Sendmail's recursive mime8to7() function has a denial of service vulnerability when performing MIME conversion; a remote attacker could exploit it to cause a denial of service in Sendmail. If an attacker sends a deeply nested, malformed MIME message, Sendmail exhausts its stack space while processing that message and can no longer deliver the messages in its queue.

- Advisories and patches

        Workarounds:
        * Remove the stack size limit
        * Limit the message size
        * Configure the MTA as follows to limit the impact:
         1 Disable core dumps
         2 Enable the ForkEachJob option (at the cost of lower queue-run performance and a higher process count)
         3 Set QueueSortOrder to random
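As an added example (not part of the CNNVD record and not Sendmail's own code), the following POSIX shell script audits a sendmail.cf for the three configurable mitigations above: a message size limit, ForkEachJob, and a random QueueSortOrder. MaxMessageSize, ForkEachJob and QueueSortOrder are real sendmail.cf option names; the two sample configuration files the script writes are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the CNNVD record or of Sendmail itself.
# Audits a sendmail.cf for the interim mitigations listed above:
# a message size limit, ForkEachJob, and a random QueueSortOrder.
# sendmail.cf stores options as "O Name=Value" lines; the option names are
# real sendmail options, the sample configurations below are constructed.

# cf_option FILE NAME: print the value of the last "O NAME=value" line in
# FILE, or nothing if the option is not set.
cf_option() {
    sed -n "s/^O[[:space:]]*$2=[[:space:]]*\(.*\)/\1/p" "$1" | tail -n 1
}

# cf_missing_mitigations FILE: print the name of each mitigation that is
# absent or set to an unsafe value, one per line (prints nothing if all
# three are in place).
cf_missing_mitigations() {
    cf="$1"
    # Unset or 0 means "no limit", so a nested MIME message can be any size.
    case "$(cf_option "$cf" MaxMessageSize)" in
        ''|0) echo "MaxMessageSize" ;;
    esac
    # ForkEachJob=True runs each queued job in its own child process, so a
    # crash while converting one message does not kill the whole queue run.
    case "$(cf_option "$cf" ForkEachJob)" in
        [Tt]*) ;;
        *) echo "ForkEachJob" ;;
    esac
    # A random sort order keeps one poison message from sitting at the same
    # position in every queue run and blocking the messages behind it.
    case "$(cf_option "$cf" QueueSortOrder)" in
        [Rr]andom) ;;
        *) echo "QueueSortOrder" ;;
    esac
}

# cf_missing_count FILE: the number of missing mitigations as a plain integer.
cf_missing_count() {
    cf_missing_mitigations "$1" | wc -l | tr -d ' '
}

# --- constructed sample configurations -------------------------------------
WORKDIR=$(mktemp -d)
HARDENED_CF="$WORKDIR/hardened.cf"
DEFAULT_CF="$WORKDIR/default.cf"

cat > "$HARDENED_CF" <<'EOF'
# constructed sendmail.cf fragment with the mitigations applied
O MaxMessageSize=10485760
O ForkEachJob=True
O QueueSortOrder=random
EOF

cat > "$DEFAULT_CF" <<'EOF'
# constructed sendmail.cf fragment with typical defaults (no size limit)
O ForkEachJob=False
O QueueSortOrder=priority
EOF

for f in "$HARDENED_CF" "$DEFAULT_CF"; do
    n=$(cf_missing_count "$f")
    if [ "$n" -eq 0 ]; then
        echo "$f: all three mitigations present"
    else
        echo "$f: $n mitigation(s) missing:"
        cf_missing_mitigations "$f" | sed 's/^/  - /'
    fi
done

# Core dumps are a process resource limit, not a sendmail.cf option; the
# daemon inherits the soft limit of the shell that starts it (0 = disabled).
echo "core file size limit in this shell: $(ulimit -c)"
```

To audit a live system, call cf_missing_mitigations with the path of the real sendmail.cf (usually /etc/mail/sendmail.cf). The core-dump item is reported only as the current ulimit -c value, because it is set in the daemon's startup environment rather than in the configuration file.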
        Vendor patches:
        FreeBSD
        -------
        FreeBSD has released a security advisory (FreeBSD-SA-06:17) and a corresponding patch for this issue:
        FreeBSD-SA-06:17: Incorrect multipart message handling in Sendmail
        Link: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:17.sendmail.asc
        HP
        --
        HP has released a security advisory (HPSBTU02116) and a corresponding patch for this issue:
        HPSBTU02116: SSRT061135 rev.1 - HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS)
        Link:
        http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00692635&hpweb_printable=true

        RedHat
        ------
        RedHat has released a security advisory (RHSA-2006:0515-01) and a corresponding patch for this issue:
        RHSA-2006:0515-01: Important: sendmail security update
        Link:
        http://lwn.net/Alerts/187986/

        Sendmail Consortium
        -------------------
        The vendor has released an upgrade that fixes this security issue; download it from the vendor's site:
        ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.13.7.tar.gz
        SGI
        ---
        SGI has released a security advisory (20060602-01-U) and a corresponding patch for this issue:
        20060602-01-U: SGI Advanced Linux Environment 3 Security Update #59
        Link: ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc
        Sun
        ---
        Sun has released a security advisory (Sun-Alert-102460) and a corresponding patch for this issue:
        Sun-Alert-102460: A Security Vulnerability in sendmail(1M) Versions Prior to 8.13.7 May Allow a Denial of Service (DoS) To Occur
        Link:
        http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-102460-1

        Gentoo
        ------
        Gentoo has released a security advisory (GLSA-200606-19) and a corresponding patch for this issue:
        GLSA-200606-19: Sendmail: Denial of Service
        Link:
        http://security.gentoo.org/glsa/glsa-200606-19.xml
We are not currently aware of any vendor-supplied fix for this issue. If you find our information to be in error or know of newer information, please email us at vuldb@securityfocus.com.

- Vulnerability information (F49465)

Debian Linux Security Advisory 1155-1 (PacketStormID:F49465)
2006-08-28 00:00:00
Debian  debian.org
advisory
linux,debian
CVE-2006-1173

Debian Security Advisory 1155-1 - Frank Sheiness discovered that a MIME conversion routine in sendmail, a powerful, efficient, and scalable mail transport agent, could be tricked by a specially crafted mail to perform an endless recursion.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 1155-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
August 24th, 2006                       http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : sendmail
Vulnerability  : programming error
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2006-1173
CERT advisory  : VU#146718
BugTraq ID     : 18433
Debian Bug     : 373801 380258

Frank Sheiness discovered that a MIME conversion routine in sendmail,
a powerful, efficient, and scalable mail transport agent, could be
tricked by a specially crafted mail to perform an endless recursion.

For the stable distribution (sarge) this problem has been fixed in
version 8.13.4-3sarge2.

For the unstable distribution (sid) this problem has been fixed in
version 8.13.7-1.

We recommend that you upgrade your sendmail package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge2.dsc
      Size/MD5 checksum:      910 960ea60c4191d0dffc223bc87bdc8b60
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge2.diff.gz
      Size/MD5 checksum:   384830 5746beee4bf07d3ed740f4835bc7fa36
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4.orig.tar.gz
      Size/MD5 checksum:  1968047 d80dc659df96c63d227ed80c0c71b708

  Architecture independent components:

    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-base_8.13.4-3sarge2_all.deb
      Size/MD5 checksum:   342338 33201cb38ffe42ee9f13e7cfd534cd77
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-cf_8.13.4-3sarge2_all.deb
      Size/MD5 checksum:   280724 fc323a1ae0ba4207bf485d0950838126
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-doc_8.13.4-3sarge2_all.deb
      Size/MD5 checksum:   815978 b96cb196d23aa2f66dba83a3f4220fe6
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail_8.13.4-3sarge2_all.deb
      Size/MD5 checksum:   193664 014094391c524db1f1eae96f6c7bae22

  Alpha architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_alpha.deb
      Size/MD5 checksum:   319036 3f4eb80c71a8bc63b7dc74af4d330e39
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_alpha.deb
      Size/MD5 checksum:   215600 5f2a9cbb0a24465ed648926037038edd
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_alpha.deb
      Size/MD5 checksum:   228830 e8d15c3f6d26ca8d908e42b07bc7042f
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_alpha.deb
      Size/MD5 checksum:   953944 46d247fc609bbb701634f51173d04a33
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_alpha.deb
      Size/MD5 checksum:   198126 f8cce9c9d0f6b8a393e70f37b4078769

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_amd64.deb
      Size/MD5 checksum:   296580 dbb1c9930fdd39d78f00165ab3bd4103
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_amd64.deb
      Size/MD5 checksum:   213218 5bf6afa8b44b7a85a639809c82294635
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_amd64.deb
      Size/MD5 checksum:   225286 f0eb29825d98fae3ae47aca60cc25d59
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_amd64.deb
      Size/MD5 checksum:   851166 2ab733eb6108e0cb75f461ee855f602a
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_amd64.deb
      Size/MD5 checksum:   197680 edb148b36ded61b6bd0615d120508605

  ARM architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_arm.deb
      Size/MD5 checksum:   291930 5e7634c0a8733b0bce07d65e73a4ef16
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_arm.deb
      Size/MD5 checksum:   211570 6b4962041621b2dda3d2201f7107a8d3
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_arm.deb
      Size/MD5 checksum:   223674 f10af1dde65c5055fdec8cb31e089264
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_arm.deb
      Size/MD5 checksum:   829316 da778ae1e36441fc81219ba1c9424e94
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_arm.deb
      Size/MD5 checksum:   197238 e35b5bc8eb4f209b556ffae5f5b182ca

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_i386.deb
      Size/MD5 checksum:   287210 b0906f03f7965d82207c9510cafb6bca
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_i386.deb
      Size/MD5 checksum:   211614 1b239843c9a627900d62208144c4425c
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_i386.deb
      Size/MD5 checksum:   222384 101b1290a634f1f3b0fbe385fa3f00ea
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_i386.deb
      Size/MD5 checksum:   812502 f4533171ad66b3d3bb5e3457b8f072eb
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_i386.deb
      Size/MD5 checksum:   197280 bb50d3704bcd94d8fc391dd2b6bf4a89

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_ia64.deb
      Size/MD5 checksum:   330728 ce5076cdb2b4d6841697f8441b903c4b
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_ia64.deb
      Size/MD5 checksum:   220454 1bf7b131f12c5efedf329a8c606a6905
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_ia64.deb
      Size/MD5 checksum:   239680 702d539a34fd1b1316fedda55b7e5ae1
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_ia64.deb
      Size/MD5 checksum:  1162596 3f9c5fd6e4e58d09c488d1e18e5e8199
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_ia64.deb
      Size/MD5 checksum:   198966 82381861fc653cc8bcc0bdd11b6c982e

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_hppa.deb
      Size/MD5 checksum:   301512 c527f00a3851404869c148a30de682e0
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_hppa.deb
      Size/MD5 checksum:   215652 e9019f514e994d2b2582250d06f65ea0
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_hppa.deb
      Size/MD5 checksum:   229404 030689791d9ab55108b00d22147cde0a
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_hppa.deb
      Size/MD5 checksum:   919820 3309c8104d8eaa73abdcf90d1802204e
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_hppa.deb
      Size/MD5 checksum:   198126 49d18720f3e53fe2f1d8e092e98cf105

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_m68k.deb
      Size/MD5 checksum:   272812 11e4cc568a7889458d932db6d4ac61b6
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_m68k.deb
      Size/MD5 checksum:   210862 d51962d3877927d9e222d9ef941885bb
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_m68k.deb
      Size/MD5 checksum:   218874 fa8b57e8b977426f6a6acb8a7c6a7c22
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_m68k.deb
      Size/MD5 checksum:   728524 3c3a0ed89e720c9b5b676238fd4906cb
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_m68k.deb
      Size/MD5 checksum:   197172 6da127ab094398d33fdce92e4cdb0877

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_mips.deb
      Size/MD5 checksum:   293164 1da7ab05880c74c77e1cfe49d1c6b186
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_mips.deb
      Size/MD5 checksum:   212044 ea8f0785e2e23695b5a8ce9a6db0b241
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_mips.deb
      Size/MD5 checksum:   227376 38b9b47ea73e44456eb0ef18b5575f8c
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_mips.deb
      Size/MD5 checksum:   883436 4880521485f9c36548703ca007286f7e
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_mips.deb
      Size/MD5 checksum:   198136 5d31a8e053390f018f549fcdcff7c8cf

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_mipsel.deb
      Size/MD5 checksum:   293964 07b24d641a5badff3feebb780f62d335
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_mipsel.deb
      Size/MD5 checksum:   212342 e3e0903028c33b5f74e5f51d65513069
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_mipsel.deb
      Size/MD5 checksum:   227662 224ac71024df656f978bf77c02179a5e
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_mipsel.deb
      Size/MD5 checksum:   887092 c8226b40bacb22ea6141657fd7ac5566
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_mipsel.deb
      Size/MD5 checksum:   198308 9007cddf32c14fb0d26206a80be71953

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_powerpc.deb
      Size/MD5 checksum:   296008 826ce4a9a5269b1be8867f3f119ff58b
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_powerpc.deb
      Size/MD5 checksum:   216294 078a2c789c479c1382b9b639a0738b88
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_powerpc.deb
      Size/MD5 checksum:   228474 2b02f60ae2c6dfa8de9f5e5c62bf3d59
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_powerpc.deb
      Size/MD5 checksum:   867134 32296265a4e142ac4ec55a50b28bc050
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_powerpc.deb
      Size/MD5 checksum:   199352 7abc4f13f6351f1d93e548e2ecfd215e

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_s390.deb
      Size/MD5 checksum:   295158 5b5e75a74f2ff91c4a301057e22c26fb
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_s390.deb
      Size/MD5 checksum:   213298 fff5231f97b037d64e6fad5b200f558e
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_s390.deb
      Size/MD5 checksum:   228670 f3aaf184734fdfdd7cb1aecac78f4827
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_s390.deb
      Size/MD5 checksum:   875180 ba43126125f6da96878fc89fd971765c
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_s390.deb
      Size/MD5 checksum:   197662 b59525ac3fc1d4ab781646c50c35217e

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/s/sendmail/libmilter-dev_8.13.4-3sarge2_sparc.deb
      Size/MD5 checksum:   285396 bdfb343b56374589948a271ca0a83acd
    http://security.debian.org/pool/updates/main/s/sendmail/libmilter0_8.13.4-3sarge2_sparc.deb
      Size/MD5 checksum:   211612 776d54b96a9a5dbc465d97492025a050
    http://security.debian.org/pool/updates/main/s/sendmail/rmail_8.13.4-3sarge2_sparc.deb
      Size/MD5 checksum:   222882 fc69af2a76b50b938d9aacf8f978c025
    http://security.debian.org/pool/updates/main/s/sendmail/sendmail-bin_8.13.4-3sarge2_sparc.deb
      Size/MD5 checksum:   819474 cdafeb8dadc08275dd9cb2db5397b6f8
    http://security.debian.org/pool/updates/main/s/sendmail/sensible-mda_8.13.4-3sarge2_sparc.deb
      Size/MD5 checksum:   197400 11d3a7c2a52c824eb4002c5954d1c81a


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFE7UX+W5ql+IAeqTIRAuSkAJ9vZ1QJw5o+LEiBfiQuFxB6P3nuuwCgqMH6
BQBhHFJ6SSX2VT9f5YlLNJ8=
=W116
-----END PGP SIGNATURE-----
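As an added example (not part of the Debian advisory and not Debian's own tooling), the following POSIX shell script performs the check a practitioner wants between the wget and dpkg -i steps above: it parses the URL and "Size/MD5 checksum:" pairs out of advisory text and compares each downloaded file's size and MD5 digest against them. The advisory excerpt it embeds, the host security.example.invalid and the package names are constructed; the checksums in the excerpt are the real MD5 values of the sample files the script creates.

```shell
#!/bin/sh
# Added example, not part of the Debian advisory or of Debian's tooling.
# Checks downloaded packages against the "Size/MD5 checksum:" lines of a
# DSA before they are installed. The advisory excerpt, the host
# security.example.invalid and the file names are constructed; the two
# digests are the real MD5 of the sample files written below.

# md5_of FILE: hex MD5 digest (md5sum on Linux, md5 -q on BSD/macOS).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d ' ' -f 1
    else
        md5 -q "$1"
    fi
}

# parse_checksum_list FILE: for each URL line followed by a
# "Size/MD5 checksum: SIZE MD5" line, print "basename SIZE MD5".
parse_checksum_list() {
    awk '
        /^[ \t]*(http|ftp):\/\// { url = $1; next }
        /Size\/MD5 checksum:/ && url != "" {
            n = split(url, parts, "/")
            print parts[n], $3, $4
            url = ""
        }' "$1"
}

# verify_downloads LIST DIR: one status line per listed file, checking that
# DIR/basename exists, has the advertised size, and has the advertised MD5.
verify_downloads() {
    parse_checksum_list "$1" | while read -r name size md5; do
        f="$2/$name"
        if [ ! -f "$f" ]; then
            echo "MISSING $name"
        elif [ "$(wc -c < "$f" | tr -d ' ')" -ne "$size" ]; then
            echo "SIZE-MISMATCH $name"
        elif [ "$(md5_of "$f")" != "$md5" ]; then
            echo "MD5-MISMATCH $name"
        else
            echo "OK $name"
        fi
    done
}

# bad_download_count LIST DIR: how many listed files are not OK (0 = all good).
bad_download_count() {
    verify_downloads "$1" "$2" | grep -vc '^OK ' || true
}

# --- constructed sample data ---------------------------------------------
WORKDIR=$(mktemp -d)
LIST="$WORKDIR/dsa-excerpt.txt"
DL="$WORKDIR/downloads"
mkdir -p "$DL"

cat > "$LIST" <<'EOF'
  Source archives:

    http://security.example.invalid/pool/sample-good_1.0.dsc
      Size/MD5 checksum:        6 b1946ac92492d2347c6235b4d2611184
    http://security.example.invalid/pool/sample-empty_1.0.diff.gz
      Size/MD5 checksum:        0 d41d8cd98f00b204e9800998ecf8427e
    http://security.example.invalid/pool/sample-tampered_1.0.tar.gz
      Size/MD5 checksum:        6 b1946ac92492d2347c6235b4d2611184
    http://security.example.invalid/pool/sample-notfetched_1.0_all.deb
      Size/MD5 checksum:        0 d41d8cd98f00b204e9800998ecf8427e
EOF

printf 'hello\n' > "$DL/sample-good_1.0.dsc"           # matches size and MD5
: > "$DL/sample-empty_1.0.diff.gz"                      # matches (empty file)
printf 'hellO\n' > "$DL/sample-tampered_1.0.tar.gz"     # same size, other bytes
# sample-notfetched_1.0_all.deb is deliberately never created.

verify_downloads "$LIST" "$DL"
echo "files not safe to install: $(bad_download_count "$LIST" "$DL")"
```

Against a real DSA, save the advisory text to a file and call verify_downloads with that file and the directory wget fetched into; install only when bad_download_count reports 0. MD5 is what advisories of this era publish, so this check catches truncated or substituted downloads only as far as MD5 still does; the PGP signature on the advisory itself remains the authoritative check on the list.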


- Vulnerability information (F49015)

HP Security Bulletin 2006-11.59 (PacketStormID:F49015)
2006-08-17 00:00:00
Hewlett Packard,HP  hp.com
advisory,remote,denial of service
hpux
CVE-2006-1173

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Sendmail processing malformed multipart MIME messages. This vulnerability could potentially allow a remote unauthenticated user to cause a Denial of Service (DoS).

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SUPPORT COMMUNICATION - SECURITY BULLETIN

Document ID: c00680632
Version: 1

HPSBUX02124 SSRT061159 rev.1 - HP-UX Sendmail MIME Remote Denial of Service (DoS)

NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

Release Date: 2006-07-31
Last Updated: 2006-07-31

Potential Security Impact: Remote Denial of Service (DoS)

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY
A potential security vulnerability has been identified with HP-UX running Sendmail 
processing malformed multipart MIME messages. This vulnerability could potentially 
allow a remote unauthenticated user to cause a Denial of Service (DoS).

References: CVE-2006-1173

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.
HP-UX B.11.00, B.11.04, B.11.11, B.11.23

BACKGROUND

To determine if an HP-UX system has an affected version, search the output of 
"swlist -a revision -l fileset" for one of the filesets listed below. For affected 
systems verify that the recommended action has been taken.

AFFECTED VERSIONS

For sendmail 8.13.3
HP-UX B.11.23
==========
SMAIL-UPGRADE.INET-SMAIL
SMAIL-UPGRADE.INET2-SMAIL
action: install revision B.11.23.01.003 or subsequent
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL813

HP-UX B.11.11
===========
SMAIL-UPGRADE.INETSVCS-SMAIL
action: install revision B.11.11.02.004 or subsequent
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL813

For sendmail 8.11.1
HP-UX B.11.23
==========
InternetSrvcs.INETSVCS2-RUN
action: install PHNE_34689 or subsequent

HP-UX B.11.11
===========
SMAIL-811.INETSVCS-SMAIL
 ->action: install revision B.11.11.01.010 or subsequent
URL: ftp://sendmail:sendmail@hprc.external.hp.com/sendmail-811_10.depot

HP-UX B.11.00
===========
SMAIL-811.INETSVCS-SMAIL
action: install revision B.11.00.01.009 or subsequent
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL811

For sendmail 8.9.3
HP-UX B.11.11
===========
InternetSrvcs.INETSVCS-RUN
action: install PHNE_34936 or subsequent

HP-UX B.11.04
===========
InternetSrvcs.INETSVCS-RUN
action: install PHNE_34927 or subsequent

HP-UX B.11.00
===========
InternetSrvcs.INETSVCS-RUN
action: install PHNE_34900 or subsequent

For sendmail 8.8.6
HP-UX B.11.00
==========
InternetSrvcs.INETSVCS-RUN
action: install PHNE_34900 or subsequent

END AFFECTED VERSIONS

RESOLUTION

HP has made the following software updates and patches available to resolve the issue.
PHNE_34689 PHNE_34900 PHNE_34927 PHNE_34936 SMAIL-811, SMAIL-UPGRADE
The patches are available from http://itrc.hp.com
while webupgrades for sendmail 8.13.3 on B.11.11 as well as for sendmail 8.11.1 
can be downloaded from http://software.hp.com

The following banner output and what(1) strings from these new binaries 
(as of this bulletin release) are for reference.

For sendmail 8.13.3, HP-UX B.11.23
sendmail -bs banner:
Sendmail version 8.13.3 - Revision 1.003 - 2006/05/24
what(1) string:
Sendmail version 8.13.3 - Revision 1.003 - 05/24/2006
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL813

For sendmail 8.13.3, HP-UX B.11.11
sendmail -bs banner:
Sendmail version 8.13.3 - Revision 2.004 - 2006/06/29
what(1) string:
Sendmail version 8.13.3 - Revision 2.004 - 06/29/2006
URL: http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SMAIL813

For sendmail 8.11.1, HP-UX B.11.23
sendmail -bs banner:
Sendmail 8.11.1 (Revision 1.09)/8.9.3
what(1) string:
version.c 8.11.1 (Berkeley) - 28th June 2006 (PHNE_34689)

For sendmail 8.11.1, HP-UX B.11.11
sendmail-811_10.depot
cksum 3720753575 2949120
md5 01f5e7c1a67c0b0a1103abdaa2907f21
sendmail -bs banner:
Sendmail 8.11.1 (Revision 1.10)
what(1) string:
version.c 8.11.1 (Berkeley) - (Revision 1.10) - 17th July 2006

For sendmail 8.11.1, HP-UX B.11.00
sendmail -bs banner:
Sendmail 8.11.1 - (Revision 1.09)
what(1) string:
version.c 8.11.1 (Berkeley) - (Revision 1.09) - 4th July 2006

For sendmail 8.9.3, HP-UX B.11.11
Install PHNE_34936 or subsequent

For sendmail 8.9.3, HP-UX B.11.00
Install PHNE_34900 or subsequent

For sendmail 8.9.3, HP-UX B.11.04
Install PHNE_34927 or subsequent
sendmail -bs banner:
Sendmail 8.9.3 (PHNE_32006)/8.9.3; Fri, 7 Jul 2006
what(1) string:
version.c 8.9.3.1 (Berkeley) 11/05/2006 (PHNE_32006)
Special Installation Instructions - Note: sendmail is not supported in daemon mode on 
VVOS platforms. It is provided as a mailing agent (outbound) only.

For sendmail 8.8.6, HP-UX B.11.00
Install PHNE_32006 or subsequent
Note: PHNE_32006 or subsequent upgrades sendmail 8.8.6 to sendmail 8.9.3.

MANUAL ACTIONS: Yes - Update
HP-UX B.11.23 - install software upgrade
HP-UX B.11.11 - install software upgrade
HP-UX B.11.00 - install software upgrade

PRODUCT SPECIFIC INFORMATION
HP-UX Security Patch Check: Security Patch Check revision B.02.00 analyzes all 
HP-issued Security Bulletins to provide a subset of recommended actions that 
potentially affect a specific HP-UX system. For more information: http://software.hp.com/portal/swdepot/displayProductInfo.do?_productNumber=B6834AA

HISTORY:
Version: 1 (rev.1) - 31 July 2006 Initial release

Support: For further information, contact normal HP Services
support channel.

Report: To report a potential security vulnerability with any HP
supported product, send Email to: security-alert@hp.com.  It is
strongly recommended that security related information being
communicated to HP be encrypted using PGP, especially exploit
information.  To get the security-alert PGP key, please send an
e-mail message as follows:
  To: security-alert@hp.com
  Subject: get key

Subscribe: To initiate a subscription to receive future HP
Security Bulletins via Email:
http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&
langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC

On the web page: ITRC security bulletins and patch sign-up
Under Step1: your ITRC security bulletins and patches
  - check ALL categories for which alerts are required and
    continue.
Under Step2: your ITRC operating systems
  - verify your operating system selections are checked and
    save.

To update an existing subscription:
http://h30046.www3.hp.com/subSignIn.php
Log in on the web page:
  Subscriber's choice for Business: sign-in.
On the web page:
  Subscriber's Choice: your profile summary
    - use Edit Profile to update appropriate sections.

To review previously published Security Bulletins visit:
http://www.itrc.hp.com/service/cki/secBullArchive.do

* The Software Product Category that this Security Bulletin
relates to is represented by the 5th and 6th characters of the
Bulletin number in the title:

    GN = HP General SW,
    MA = HP Management Agents,
    MI = Misc. 3rd party SW,
    MP = HP MPE/iX,
    NS = HP NonStop Servers,
    OV = HP OpenVMS,
    PI = HP Printing & Imaging,
    ST = HP Storage SW,
    TL = HP Trusted Linux,
    TU = HP Tru64 UNIX,
    UX = HP-UX,
    VV = HP Virtual Vault


System management and security procedures must be reviewed
frequently to maintain system integrity. HP is continually
reviewing and enhancing the security features of software products
to provide customers with current secure solutions.

"HP is broadly distributing this Security Bulletin in order to
bring to the attention of users of the affected HP products the
important security information contained in this Bulletin. HP
recommends that all users determine the applicability of this
information to their individual situations and take appropriate
action. HP does not warrant that this information is necessarily
accurate or complete for all user situations and, consequently, HP
will not be responsible for any damages resulting from user's use
or disregard of the information provided in this Bulletin. To the
extent permitted by law, HP disclaims all warranties, either
express or implied, including the warranties of merchantability
and fitness for a particular purpose, title and non-infringement."


(c)Copyright 2006 Hewlett-Packard Development Company, L.P.
Hewlett-Packard Company shall not be liable for technical or
editorial errors or omissions contained herein. The information
provided is provided "as is" without warranty of any kind. To the
extent permitted by law, neither HP nor its affiliates,
subcontractors or suppliers will be liable for incidental, special
or consequential damages including downtime cost; lost profits;
damages relating to the procurement of substitute products or
services; or damages for loss of data, or software restoration.
The information in this document is subject to change without
notice. Hewlett-Packard Company and the names of Hewlett-Packard
products referenced herein are trademarks of Hewlett-Packard
Company in the United States and other countries. Other product
and company names mentioned herein may be trademarks of their
respective owners.


- Vulnerability Information (F47552)

FreeBSD-SA-06-17-sendmail.txt (PacketStormID:F47552)
2006-06-21 00:00:00
 
advisory
freebsd
CVE-2006-1173

FreeBSD Security Advisory - A suitably malformed multipart MIME message can cause sendmail to exceed predefined limits on its stack usage.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-06:17.sendmail                                   Security Advisory
                                                          The FreeBSD Project

Topic:          Incorrect multipart message handling in Sendmail

Category:       contrib
Module:         contrib_sendmail
Announced:      2006-06-14
Affects:        All FreeBSD releases.
Corrected:      2006-06-14 15:58:23 UTC (RELENG_6, 6.1-STABLE)
                2006-06-14 15:59:28 UTC (RELENG_6_1, 6.1-RELEASE-p2)
                2006-06-14 15:59:37 UTC (RELENG_6_0, 6.0-RELEASE-p9)
                2006-06-14 16:00:02 UTC (RELENG_5, 5.5-STABLE)
                2006-06-14 16:00:22 UTC (RELENG_5_5, 5.5-RELEASE-p2)
                2006-06-14 16:00:42 UTC (RELENG_5_4, 5.4-RELEASE-p16)
                2006-06-14 16:00:56 UTC (RELENG_5_3, 5.3-RELEASE-p31)
                2006-06-14 16:01:06 UTC (RELENG_4, 4.11-STABLE)
                2006-06-14 16:01:21 UTC (RELENG_4_11, 4.11-RELEASE-p19)
CVE Name:       CVE-2006-1173

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit
<URL:http://security.freebsd.org/>.

I.   Background

FreeBSD includes sendmail(8), a general purpose internetwork mail
routing facility, as the default Mail Transfer Agent (MTA).

II.  Problem Description

A suitably malformed multipart MIME message can cause sendmail to exceed
predefined limits on its stack usage.

III. Impact

An attacker able to send mail to, or via, a server can cause queued
messages on the system to not be delivered, by causing the sendmail process
which handles queued messages to crash.  Note that this will not stop new
messages from entering the queue (either from local processes, or incoming
via SMTP).

IV.  Workaround

No workaround is available, but systems which do not receive email from
untrusted sources are not vulnerable.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 4-STABLE, 5-STABLE, or 6-STABLE,
or to the RELENG_6_1, RELENG_6_0, RELENG_5_5, RELENG_5_4, RELENG_5_3,
or RELENG_4_11 security branch dated after the correction date.

2) To patch your present system:

The following patches have been verified to apply to FreeBSD 4.11, 5.3,
5.4, 5.5, 6.0, and 6.1 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-06:17/sendmail.patch
# fetch http://security.FreeBSD.org/patches/SA-06:17/sendmail.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/lib/libsm
# make obj && make depend && make
# cd /usr/src/lib/libsmutil
# make obj && make depend && make
# cd /usr/src/usr.sbin/sendmail
# make obj && make depend && make && make install

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_4
  src/contrib/sendmail/src/deliver.c                         1.1.1.3.2.24
  src/contrib/sendmail/src/mime.c                            1.1.1.3.2.14
  src/contrib/sendmail/src/sendmail.h                        1.1.1.4.2.31
RELENG_4_11
  src/UPDATING                                             1.73.2.91.2.19
  src/sys/conf/newvers.sh                                  1.44.2.39.2.22
  src/contrib/sendmail/src/deliver.c                     1.1.1.3.2.17.2.2
  src/contrib/sendmail/src/mime.c                         1.1.1.3.2.8.2.2
  src/contrib/sendmail/src/sendmail.h                    1.1.1.4.2.19.2.2
RELENG_5
  src/contrib/sendmail/src/deliver.c                         1.1.1.21.2.6
  src/contrib/sendmail/src/mime.c                            1.1.1.12.2.5
  src/contrib/sendmail/src/sendmail.h                        1.1.1.23.2.6
RELENG_5_5
  src/UPDATING                                             1.342.2.35.2.1
  src/sys/conf/newvers.sh                                   1.62.2.21.2.3
  src/contrib/sendmail/src/deliver.c                     1.1.1.21.2.4.2.1
  src/contrib/sendmail/src/mime.c                        1.1.1.12.2.3.2.1
  src/contrib/sendmail/src/sendmail.h                    1.1.1.23.2.4.2.1
RELENG_5_4
  src/UPDATING                                            1.342.2.24.2.24
  src/sys/conf/newvers.sh                                  1.62.2.18.2.20
  src/contrib/sendmail/src/deliver.c                     1.1.1.21.2.1.2.2
  src/contrib/sendmail/src/mime.c                        1.1.1.12.2.1.2.2
  src/contrib/sendmail/src/sendmail.h                    1.1.1.23.2.1.2.2
RELENG_5_3
  src/UPDATING                                            1.342.2.13.2.33
  src/sys/conf/newvers.sh                                  1.62.2.15.2.35
  src/contrib/sendmail/src/deliver.c                         1.1.1.21.4.2
  src/contrib/sendmail/src/mime.c                            1.1.1.12.4.2
  src/contrib/sendmail/src/sendmail.h                        1.1.1.23.4.2
RELENG_6
  src/contrib/sendmail/src/deliver.c                         1.1.1.23.2.3
  src/contrib/sendmail/src/mime.c                            1.1.1.13.2.3
  src/contrib/sendmail/src/sendmail.h                        1.1.1.26.2.3
RELENG_6_1
  src/UPDATING                                             1.416.2.22.2.3
  src/sys/conf/newvers.sh                                   1.69.2.11.2.3
  src/contrib/sendmail/src/deliver.c                     1.1.1.23.2.2.2.1
  src/contrib/sendmail/src/mime.c                        1.1.1.13.2.2.2.1
  src/contrib/sendmail/src/sendmail.h                    1.1.1.26.2.2.2.1
RELENG_6_0
  src/UPDATING                                             1.416.2.3.2.13
  src/sys/conf/newvers.sh                                    1.69.2.8.2.9
  src/contrib/sendmail/src/deliver.c                         1.1.1.23.4.2
  src/contrib/sendmail/src/mime.c                            1.1.1.13.4.2
  src/contrib/sendmail/src/sendmail.h                        1.1.1.26.4.2
- -------------------------------------------------------------------------

VII. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-06:17.sendmail.asc

- Vulnerability Information (F47551)

SUSA-SA-2006-032.txt (PacketStormID:F47551)
2006-06-21 00:00:00
 
advisory
linux,suse
CVE-2006-1173

SUSE Security Announcement - The Mail Transfer Agent sendmail has a remotely exploitable problem, where a specially crafted MIME message can crash sendmail and block queue processing.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

                        SUSE Security Announcement

        Package:                sendmail
        Announcement ID:        SUSE-SA:2006:032
        Date:                   Wed, 14 Jun 2006 19:00:00 +0000
        Affected Products:      SUSE LINUX 10.1
                                SUSE LINUX 10.0
                                SUSE LINUX 9.3
                                SUSE LINUX 9.2
                                SUSE LINUX 9.1
                                SuSE Linux Enterprise Server 8
                                SUSE SLES 9
                                UnitedLinux 1.0
        Vulnerability Type:     remote denial of service
        Severity (1-10):        5
        SUSE Default Package:   no
        Cross-References:       CVE-2006-1173, VU#146718

    Content of This Advisory:
        1) Security Vulnerability Resolved:
             sendmail remote denial of service attack
           Problem Description
        2) Solution or Work-Around
        3) Special Instructions and Notes
        4) Package Location and Checksums
        5) Pending Vulnerabilities, Solutions, and Work-Arounds:
            See SUSE Security Summary Report.
        6) Authenticity Verification and Additional Information

______________________________________________________________________________

1) Problem Description and Brief Discussion

   The Mail Transfer Agent sendmail has a remotely exploitable problem,
   where a specially crafted MIME message can crash sendmail and block
   queue processing.

   This issue is tracked by the Mitre CVE ID CVE-2006-1173 and CERT
   VU#146718.

2) Solution or Work-Around

   There is no known workaround, please install the update packages.

3) Special Instructions and Notes

   Please close and restart all running instances of sendmail after the update.

4) Package Location and Checksums

   The preferred method for installing security updates is to use the YaST
   Online Update (YOU) tool. YOU detects which updates are required and
   automatically performs the necessary steps to verify and install them.
   Alternatively, download the update packages for your distribution manually
   and verify their integrity by the methods listed in Section 6 of this
   announcement. Then install the packages using the command

     rpm -Fhv <file.rpm>

   to apply the update, replacing <file.rpm> with the filename of the
   downloaded RPM package.


   x86 Platform:

   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/sendmail-8.13.6-9.3.i586.rpm
          1e3fa1b7a729d2b260a4da6d9ff962f4

   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/sendmail-8.13.4-8.6.i586.rpm
          70a41db80164fb7d50e823774566ea9e

   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/sendmail-8.13.3-5.6.i586.rpm
          94679162ea3b479f20362f0d01ea4d72

   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/sendmail-8.13.1-5.6.i586.rpm
          10e79f3a40ec0c25911cf2549009d609

   SUSE LINUX 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/sendmail-8.12.11-2.7.i586.rpm
          adc59ac9fa4ba76743bd073e0334b9d9

   Power PC Platform:

   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/sendmail-8.13.6-9.3.ppc.rpm
          81580c25511daa9862a1dd8f5ca7d48b

   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/sendmail-8.13.4-8.6.ppc.rpm
          ff81143d1dee29c58aea6038a952c903

   x86-64 Platform:

   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/sendmail-8.13.6-9.3.x86_64.rpm
          8f724bcf3c0aaac8923241c9f3288c40

   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/sendmail-8.13.4-8.6.x86_64.rpm
          40fc8a5f7ad12159528b8cc1d4c2173f

   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/sendmail-8.13.3-5.6.x86_64.rpm
          d8b8ba804ac1a04b22d673c52d654f69

   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/sendmail-8.13.1-5.6.x86_64.rpm
          6dcf297dbbcfb5d2b7d0a55efb9c3099

   SUSE LINUX 9.1:
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/sendmail-8.12.11-2.7.x86_64.rpm
          dd3ed5bd5318928a9bfe4320eed67027

   Sources:

   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/sendmail-8.13.6-9.3.src.rpm
          7ed5b46eb2ed2a18becadf43b8cba7b1

   SUSE LINUX 10.0:
   ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/sendmail-8.13.4-8.6.src.rpm
          0f93d3d608305d44667ec1b35a76e626

   SUSE LINUX 9.3:
   ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/sendmail-8.13.3-5.6.src.rpm
          c9ac83c770a63f94fe18a156898ffe70

   SUSE LINUX 9.2:
   ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/src/sendmail-8.13.1-5.6.src.rpm
          6dd980cf9e4ee2d14d9ec1e8f7c804f5

   SUSE LINUX 9.1:
   ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/src/sendmail-8.12.11-2.7.src.rpm
          d312bd0544a7e3b7456abfb79a296383
   ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/src/sendmail-8.12.11-2.7.src.rpm
          c1bfd5c0dbd95faee42ae0a2694147bf

   Our maintenance customers are notified individually. The packages are
   offered for installation from the maintenance web:

   UnitedLinux 1.0
     http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/e92dc8b293ef62544d01de2306f761b3.html

   SUSE SLES 9
     http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/e92dc8b293ef62544d01de2306f761b3.html

   SuSE Linux Enterprise Server 8
     http://support.novell.com/cgi-bin/search/searchtid.cgi?psdb/e92dc8b293ef62544d01de2306f761b3.html

______________________________________________________________________________

5) Pending Vulnerabilities, Solutions, and Work-Arounds:

   See SUSE Security Summary Report.
______________________________________________________________________________

6) Authenticity Verification and Additional Information

  - Announcement authenticity verification:

    SUSE security announcements are published via mailing lists and on Web
    sites. The authenticity and integrity of a SUSE security announcement is
    guaranteed by a cryptographic signature in each announcement. All SUSE
    security announcements are published with a valid signature.

    To verify the signature of the announcement, save it as text into a file
    and run the command

      gpg --verify <file>

    replacing <file> with the name of the file where you saved the
    announcement. The output for a valid signature looks like:

      gpg: Signature made <DATE> using RSA key ID 3D25D3D9
      gpg: Good signature from "SuSE Security Team <security@suse.de>"

    where <DATE> is replaced by the date the document was signed.

    If the security team's key is not contained in your key ring, you can
    import it from the first installation CD. To import the key, use the
    command

      gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc

  - Package authenticity verification:

    SUSE update packages are available on many mirror FTP servers all over the
    world. While this service is considered valuable and important to the free
    and open source software community, the authenticity and the integrity of
    a package needs to be verified to ensure that it has not been tampered
    with.

    There are two verification methods that can be used independently from
    each other to prove the authenticity of a downloaded file or RPM package:

    1) Using the internal gpg signatures of the rpm package
    2) MD5 checksums as provided in this announcement

    1) The internal rpm package signatures provide an easy way to verify the
       authenticity of an RPM package. Use the command

        rpm -v --checksig <file.rpm>

       to verify the signature of the package, replacing <file.rpm> with the
       filename of the RPM package downloaded. The package is unmodified if it
       contains a valid signature from build@suse.de with the key ID 9C800ACA.

       This key is automatically imported into the RPM database (on
       RPMv4-based distributions) and the gpg key ring of 'root' during
       installation. You can also find it on the first installation CD and at
       the end of this announcement.

    2) If you need an alternative means of verification, use the md5sum
       command to verify the authenticity of the packages. Execute the command

         md5sum <filename.rpm>

       after you downloaded the file from a SUSE FTP server or its mirrors.
       Then compare the resulting md5sum with the one that is listed in the
       SUSE security announcement. Because the announcement containing the
       checksums is cryptographically signed (by security@suse.de), the
       checksums show proof of the authenticity of the package if the
       signature of the announcement is valid. Note that the md5 sums
       published in the SUSE Security Announcements are valid for the
       respective packages only. Newer versions of these packages cannot be
       verified.
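The md5sum comparison of method 2, as an added example that is not SUSE tooling: a Python checker that parses the announcement's layout (a package URL line followed by an indented MD5 line) and reports each local package as ok, mismatched or missing. The package names and bytes in the demo are constructed, and verification of the announcement's own gpg signature is assumed to have been done first, since the sums prove nothing otherwise.

```python
"""Check downloaded update packages against the MD5 sums published in a SUSE
security announcement.  Added example, not SUSE's tooling.  It parses the
announcement layout (a package URL line followed by an indented 32-hex-digit
line) and compares each published sum with the digest of the local file.  The
demo announcement below is constructed and its sums are computed from made-up
bytes; the announcement signature must be verified with gpg before trusting
any sum it carries."""
import hashlib
import os
import re

# "ftp://host/path/name.rpm" on one line, the MD5 sum alone on the next line.
_ENTRY_RE = re.compile(
    r'^[ \t]*ftp://\S+/([^/\s]+\.rpm)[ \t]*\n[ \t]*([0-9a-fA-F]{32})[ \t]*$',
    re.MULTILINE)


def parse_checksums(announcement):
    """Return {package filename: md5 hex} for every URL/checksum pair."""
    return {name: digest.lower() for name, digest in _ENTRY_RE.findall(announcement)}


def md5_hex(data):
    """MD5 of in-memory bytes (used by the constructed demo)."""
    return hashlib.md5(data).hexdigest()


def md5_of_file(path, chunk=1 << 16):
    """Streaming MD5 of a file on disk; packages are large, so don't slurp them."""
    h = hashlib.md5()
    with open(path, 'rb') as f:
        for block in iter(lambda: f.read(chunk), b''):
            h.update(block)
    return h.hexdigest()


def verify(expected, digest_for):
    """Compare published sums with local digests.

    `expected` is parse_checksums() output; `digest_for(name)` returns the
    local file's md5 hex, or None when the file is absent.  Result values are
    'ok', 'MISMATCH' (corrupt or tampered: do not install) or 'missing'."""
    result = {}
    for name, digest in expected.items():
        local = digest_for(name)
        if local is None:
            result[name] = 'missing'
        else:
            result[name] = 'ok' if local.lower() == digest else 'MISMATCH'
    return result


def directory_digester(directory):
    """digest_for() callback that hashes same-named files in `directory`."""
    def digest_for(name):
        path = os.path.join(directory, name)
        return md5_of_file(path) if os.path.isfile(path) else None
    return digest_for


# Constructed demo (hypothetical package names and bytes, not real packages).
DEMO_PACKAGES = {
    'example-mta-1.0-1.i586.rpm': b'constructed package payload A\n',
    'example-mta-1.0-1.src.rpm': b'constructed package payload B\n',
}
_SUM_A = md5_hex(DEMO_PACKAGES['example-mta-1.0-1.i586.rpm'])
_SUM_B = md5_hex(DEMO_PACKAGES['example-mta-1.0-1.src.rpm'])
DEMO_ANNOUNCEMENT = f"""\
   x86 Platform:

   SUSE LINUX 10.1:
   ftp://ftp.example.test/pub/update/10.1/rpm/i586/example-mta-1.0-1.i586.rpm
          {_SUM_A}

   Sources:

   SUSE LINUX 10.1:
   ftp://ftp.example.test/pub/update/10.1/rpm/src/example-mta-1.0-1.src.rpm
          {_SUM_B}
"""


def demo_verify(downloaded):
    """Verify a {name: bytes} mapping standing in for the download directory."""
    expected = parse_checksums(DEMO_ANNOUNCEMENT)
    return verify(expected,
                  lambda n: md5_hex(downloaded[n]) if n in downloaded else None)
```

For real downloads, call `verify(parse_checksums(text), directory_digester(path))` with the saved announcement text and the directory holding the RPMs.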

  - SUSE runs two security mailing lists to which any interested party may
    subscribe:

    suse-security@suse.com
        -   General Linux and SUSE security discussion.
            All SUSE security announcements are sent to this list.
            To subscribe, send an e-mail to
                <suse-security-subscribe@suse.com>.

    suse-security-announce@suse.com
        -   SUSE's announce-only mailing list.
            Only SUSE's security announcements are sent to this list.
            To subscribe, send an e-mail to
                <suse-security-announce-subscribe@suse.com>.

    For general information or the frequently asked questions (FAQ),
    send mail to <suse-security-info@suse.com> or
    <suse-security-faq@suse.com>.

    =====================================================================
    SUSE's security contact is <security@suse.com> or <security@suse.de>.
    The <security@suse.de> public key is listed below.
    =====================================================================
______________________________________________________________________________

    The information in this advisory may be distributed or reproduced,
    provided that the advisory is not modified in any way. In particular, the
    clear text signature should show proof of the authenticity of the text.

    SUSE Linux Products GmbH provides no warranties of any kind whatsoever
    with respect to the information contained in this security advisory.

Type Bits/KeyID     Date       User ID
pub  2048R/3D25D3D9 1999-03-06 SuSE Security Team <security@suse.de>
pub  1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
    

- Vulnerability Information

ID: 26197
Title: Sendmail Multi-Part MIME Message Handling DoS
Location: Remote / Network Access
Attack Type: Denial of Service, Input Manipulation
Impact: Loss of Availability
Solution: Upgrade
Exploit: Unknown
Disclosure: Vendor Verified

- Description

sendmail contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially-crafted, deeply nested multipart MIME message which exhausts the stack while performing an 8-bit to 7-bit conversion, and will result in loss of availability for the service.
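The defensive check this description calls for, as an added example that is not Sendmail's own code: a streaming nesting-depth guard that tracks open multipart boundaries with an explicit stack rather than recursion, so it can reject an over-deep message early without sharing the failure mode of a recursive walker like mime8to7(). The depth limit, helper names and sample message are assumptions; Sendmail's actual limit is not stated on this page.

```python
"""Streaming MIME nesting-depth guard: an added example, not Sendmail code.

Sendmail's recursive mime8to7() descends into every nested multipart body, so
a message nested deeply enough exhausts the stack.  This guard counts nesting
depth with an explicit boundary stack instead of recursion, so it can reject
an over-deep message early without sharing that failure mode."""
import re

MAX_MIME_NESTING = 20  # assumed policy value (hypothetical), not Sendmail's limit

# An unfolded Content-Type header declaring a multipart body; group 1 is the
# boundary parameter.
_MULTIPART_RE = re.compile(
    r'^content-type:[ \t]*multipart/[^\r\n]*?boundary="?([^";\r\n]+)"?',
    re.IGNORECASE | re.MULTILINE)


def _unfold(header_lines):
    """Join folded continuation lines (leading whitespace) onto their header."""
    out = []
    for line in header_lines:
        if line[:1] in (' ', '\t') and out:
            out[-1] += ' ' + line.strip()
        else:
            out.append(line)
    return '\n'.join(out)


def _multipart_boundary(header_lines):
    """Return the boundary of a multipart header block, or None if not multipart."""
    match = _MULTIPART_RE.search(_unfold(header_lines))
    return match.group(1) if match else None


def mime_nesting_depth(raw, limit=MAX_MIME_NESTING):
    """Scan a raw message and return (max_depth, exceeded).

    Depth 0 is a single-part message; depth 1 is a multipart whose parts are
    all leaves.  Scanning stops as soon as the depth exceeds `limit`.  Malformed
    structure (an inner multipart never closed, an outer delimiter while an
    inner one is open) is tolerated by unwinding the stack to the named boundary.
    """
    stack = []           # boundaries of the multipart bodies currently open
    max_depth = 0
    in_headers = True    # the top-level header block comes first
    headers = []
    for line in raw.splitlines():
        line = line.rstrip()
        if in_headers:
            if line:
                headers.append(line)
                continue
            in_headers = False           # blank line ends the header block
            boundary = _multipart_boundary(headers)
            if boundary is not None:
                stack.append(boundary)
                max_depth = max(max_depth, len(stack))
                if max_depth > limit:
                    return max_depth, True
            continue
        if not line.startswith('--'):
            continue                     # ordinary body text
        # Walk from the innermost open boundary outwards to find the one named.
        for i in range(len(stack) - 1, -1, -1):
            if line == '--' + stack[i] + '--':   # closing delimiter
                del stack[i:]
                break
            if line == '--' + stack[i]:          # next part of multipart i
                del stack[i + 1:]                # implicitly closes inner bodies
                in_headers, headers = True, []
                break
    return max_depth, False


# Constructed sample (not a captured message): three multiparts deep, with a
# folded Content-Type header and an 8-bit leaf part that would need conversion.
NESTED_SAMPLE = """\
Content-Type: multipart/mixed;
\tboundary="outer"

--outer
Content-Type: multipart/alternative; boundary=middle

--middle
Content-Type: multipart/related; boundary="inner"

--inner
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit

leaf text
--inner--
--middle--
--outer--
"""
```

Run at message acceptance time (a milter or an MTA front end), a result of `exceeded == True` is grounds to reject the message before any recursive conversion touches it.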

- Timeline

2006-06-07 Unknown
Unknown Unknown

- Solution

Upgrade to version 8.13.7 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- References

- Credit

- Vulnerability Information

Title: Sendmail Malformed MIME Message Denial Of Service Vulnerability
Class: Failure to Handle Exceptional Conditions
Bugtraq ID: 18433
Remote: Yes
Local: No
Published: 2006-06-14 12:00:00
Updated: 2007-05-03 05:19:00
Credit: Frank Sheiness reported this issue to the vendor.

- Affected Versions

Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Server 10.0 x86
Turbolinux Turbolinux Server 10.0
Turbolinux Turbolinux Server 8.0
Turbolinux Turbolinux Server 7.0
Turbolinux Appliance Server Workgroup Edition 1.0
Turbolinux Appliance Server Hosting Edition 1.0
Turbolinux Appliance Server 1.0 Workgroup Edition
Turbolinux Appliance Server 1.0 Hosting Edition
Turbolinux Appliance Server 2.0
Trend Micro InterScan VirusWall 8.0
TransSoft Broker FTP Server 8.0
TransSoft Broker FTP Server 7.0
SuSE SUSE Linux Enterprise Server 8
Sun Solaris 9_x86 Update 2
Sun Solaris 9_x86
Sun Solaris 9
Sun Solaris 8_x86
Sun Solaris 8_sparc
Sun Solaris 10_x86
Sun Solaris 10.0_x86
Sun Solaris 10
SGI ProPack 3.0 SP6
SGI IRIX 6.5.29
SGI IRIX 6.5.28
SGI IRIX 6.5.27
SGI IRIX 6.5.26
SGI IRIX 6.5.25
SGI IRIX 6.5.24 m
SGI IRIX 6.5.24
SGI IRIX 6.5.23 m
SGI IRIX 6.5.23
SGI IRIX 6.5.22 m
SGI IRIX 6.5.22
SGI IRIX 6.5.21 m
SGI IRIX 6.5.21 f
SGI IRIX 6.5.21
SGI IRIX 6.5.20 m
SGI IRIX 6.5.20 f
SGI IRIX 6.5.20
SGI IRIX 6.5.19 m
SGI IRIX 6.5.19 f
SGI IRIX 6.5.19
Sendmail Consortium Sendmail 8.13.6
Sendmail Consortium Sendmail 8.13.5
Sendmail Consortium Sendmail 8.13.4
Sendmail Consortium Sendmail 8.13.3
Sendmail Consortium Sendmail 8.13.1
Sendmail Consortium Sendmail 8.12.11
Sendmail Consortium Sendmail 8.12.10
Sendmail Consortium Sendmail 8.12.9
+ Slackware Linux 9.0
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.8
+ RedHat Linux 9.0 i386
+ RedHat Linux 8.0 i386
+ Yellow Dog Linux 3.0
Sendmail Consortium Sendmail 8.12.7
+ OpenPKG OpenPKG 1.2
+ Slackware Linux 8.1
+ SOTLinux SOTLinux 2003 Desktop
+ SOTLinux SOTLinux 2003 Server
Sendmail Consortium Sendmail 8.12.6
Sendmail Consortium Sendmail 8.12.5
Sendmail Consortium Sendmail 8.12.4
+ OpenBSD OpenBSD 3.2
+ Slackware Linux 8.1
+ Slackware Linux -current
Sendmail Consortium Sendmail 8.12.3
Sendmail Consortium Sendmail 8.12.2
Sendmail Consortium Sendmail 8.12.1
+ HP MPE/iX 7.5
+ HP MPE/iX 7.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
Sendmail Consortium Sendmail 8.12 beta7
Sendmail Consortium Sendmail 8.12 beta5
Sendmail Consortium Sendmail 8.12 beta16
Sendmail Consortium Sendmail 8.12 beta12
Sendmail Consortium Sendmail 8.12 beta10
Sendmail Consortium Sendmail 8.12 .0
Sendmail Consortium Sendmail 8.11.7
Sendmail Consortium Sendmail 8.11.6
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
+ FreeBSD FreeBSD 4.5 -RELEASE
+ FreeBSD FreeBSD 4.5
+ FreeBSD FreeBSD 4.4
+ Immunix Immunix OS 7.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 6.2 i386
+ S.u.S.E. Linux 7.3 sparc
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3
+ Sun Cobalt RaQ 550
+ Sun Linux 5.0.3
+ Sun Linux 5.0
Sendmail Consortium Sendmail 8.11.5
Sendmail Consortium Sendmail 8.11.4
Sendmail Consortium Sendmail 8.11.3
- MandrakeSoft Corporate Server 1.0.1
- Mandriva Linux Mandrake 8.0
+ S.u.S.E. Linux 7.2 i386
+ S.u.S.E. Linux 7.2
- Slackware Linux 7.1
Sendmail Consortium Sendmail 8.11.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1
Sendmail Consortium Sendmail 8.11.1
Sendmail Consortium Sendmail 8.11
Sendmail Consortium Sendmail 8.10.2
Sendmail Consortium Sendmail 8.10.1
Sendmail Consortium Sendmail 8.10
Sendmail Consortium Sendmail 8.9.3
+ Compaq Tru64 5.1 PK5 (BL19)
+ Compaq Tru64 5.0 a PK3 (BL17)
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 IA-32
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ IBM AIX 4.3.3
+ SGI IRIX 6.5.19
+ SGI IRIX 6.5.18 m
+ SGI IRIX 6.5.18 f
+ SGI IRIX 6.5.17 m
+ SGI IRIX 6.5.17 f
+ SGI IRIX 6.5.16 m
+ SGI IRIX 6.5.16 f
+ SGI IRIX 6.5.15 m
+ SGI IRIX 6.5.15 f
+ SGI IRIX 6.5.14 m
+ SGI IRIX 6.5.14 f
+ SGI IRIX 6.5.13 m
+ SGI IRIX 6.5.13 f
+ SGI IRIX 6.5.12 m
+ SGI IRIX 6.5.12 f
+ SGI IRIX 6.5.11 m
+ SGI IRIX 6.5.11 f
+ SGI IRIX 6.5.10 m
+ SGI IRIX 6.5.10 f
+ SGI IRIX 6.5.9 m
+ SGI IRIX 6.5.9 f
+ SGI IRIX 6.5.8 m
+ SGI IRIX 6.5.8 f
+ SGI IRIX 6.5.7 m
+ SGI IRIX 6.5.7 f
Sendmail Consortium Sendmail 8.9.2
Sendmail Consortium Sendmail 8.9.1
Sendmail Consortium Sendmail 8.9 .0
Sendmail Consortium Sendmail 8.8.8
S.u.S.E. UnitedLinux 1.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Enterprise Server for S/390 9.0
S.u.S.E. Linux Enterprise Server for S/390
S.u.S.E. Linux Enterprise Server 9
rPath rPath Linux 1
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux WS 2.1 IA64
RedHat Enterprise Linux WS 2.1
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux ES 2.1 IA64
RedHat Enterprise Linux ES 2.1
RedHat Desktop 4.0
RedHat Desktop 3.0
RedHat Advanced Workstation for the Itanium Processor 2.1 IA64
RedHat Advanced Workstation for the Itanium Processor 2.1
Red Hat Fedora Core5
Red Hat Fedora Core4
Red Hat Fedora Core3
Red Hat Fedora Core2
Red Hat Fedora Core1
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux AS 2.1
OpenBSD OpenBSD 3.9
OpenBSD OpenBSD 3.8
OpenBSD OpenBSD -current
NetBSD NetBSD 2.1
NetBSD NetBSD 2.0.3
NetBSD NetBSD 2.0.2
NetBSD NetBSD 2.0.1
NetBSD NetBSD 2.0
NetBSD NetBSD Current
Navision Financials Server 3.0
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
IBM AIX 5.3 L
IBM AIX 5.2.2
IBM AIX 5.2 L
IBM AIX 5.3
IBM AIX 5.2
HP Tru64 5.1 B PK3 (BL24)
HP Tru64 5.1 B PK3
HP Tru64 5.1 b
HP Tru64 5.1 A PK6 (BL24)
HP Tru64 5.1 A PK6
HP Tru64 5.1 a PK4 (BL21)
HP Tru64 5.1 A PK
HP Tru64 4.0 G PK4 (BL22)
HP Tru64 4.0 G PK4
HP Tru64 4.0 F PK8 (BL22)
HP Tru64 4.0 F PK8
HP HP-UX B.11.23
HP HP-UX B.11.11
HP HP-UX B.11.04
HP HP-UX B.11.00
Gentoo Linux
FreeBSD FreeBSD 6.0 -STABLE
FreeBSD FreeBSD 6.0 -RELEASE
FreeBSD FreeBSD 5.4 -RELENG
FreeBSD FreeBSD 5.4 -RELEASE
FreeBSD FreeBSD 5.4 -PRERELEASE
FreeBSD FreeBSD 5.3 -STABLE
FreeBSD FreeBSD 5.3 -RELENG
FreeBSD FreeBSD 5.3 -RELEASE
FreeBSD FreeBSD 5.3
FreeBSD FreeBSD 5.2.1 -RELEASE
FreeBSD FreeBSD 5.2 -RELENG
FreeBSD FreeBSD 5.2 -RELEASE
FreeBSD FreeBSD 5.2
FreeBSD FreeBSD 5.1 -RELENG
FreeBSD FreeBSD 5.1 -RELEASE/Alpha
FreeBSD FreeBSD 5.1 -RELEASE-p5
FreeBSD FreeBSD 5.1 -RELEASE
FreeBSD FreeBSD 5.1
FreeBSD FreeBSD 5.0 -RELENG
FreeBSD FreeBSD 5.0 -RELEASE-p14
FreeBSD FreeBSD 5.0 alpha
FreeBSD FreeBSD 5.0
FreeBSD FreeBSD 4.11 -STABLE
FreeBSD FreeBSD 4.11 -RELENG
FreeBSD FreeBSD 4.11 -RELEASE-p3
FreeBSD FreeBSD 4.10 -RELENG
FreeBSD FreeBSD 4.10 -RELEASE-p8
FreeBSD FreeBSD 4.10 -RELEASE
FreeBSD FreeBSD 4.10
FreeBSD FreeBSD 4.9 -RELENG
FreeBSD FreeBSD 4.9 -PRERELEASE
FreeBSD FreeBSD 4.9
FreeBSD FreeBSD 4.8 -RELENG
FreeBSD FreeBSD 4.8 -RELEASE-p7
FreeBSD FreeBSD 4.8 -PRERELEASE
FreeBSD FreeBSD 4.8
FreeBSD FreeBSD 4.7 -STABLE
FreeBSD FreeBSD 4.7 -RELENG
FreeBSD FreeBSD 4.7 -RELEASE-p17
FreeBSD FreeBSD 4.7 -RELEASE
FreeBSD FreeBSD 4.7
FreeBSD FreeBSD 4.6.2
FreeBSD FreeBSD 4.6 -STABLE
FreeBSD FreeBSD 4.6 -RELENG
FreeBSD FreeBSD 4.6 -RELEASE-p20
FreeBSD FreeBSD 4.6 -RELEASE
FreeBSD FreeBSD 4.6
FreeBSD FreeBSD 4.5 -STABLEpre2002-03-07
FreeBSD FreeBSD 4.5 -STABLE
FreeBSD FreeBSD 4.5 -RELENG
FreeBSD FreeBSD 4.5 -RELEASE-p32
FreeBSD FreeBSD 4.5 -RELEASE
FreeBSD FreeBSD 4.5
FreeBSD FreeBSD 4.4 -STABLE
FreeBSD FreeBSD 4.4 -RELENG
FreeBSD FreeBSD 4.4 -RELEASE-p42
FreeBSD FreeBSD 4.4
FreeBSD FreeBSD 4.3 -STABLE
FreeBSD FreeBSD 4.3 -RELENG
FreeBSD FreeBSD 4.3 -RELEASE-p38
FreeBSD FreeBSD 4.3 -RELEASE
FreeBSD FreeBSD 4.3
FreeBSD FreeBSD 4.2 -STABLEpre122300
FreeBSD FreeBSD 4.2 -STABLEpre050201
FreeBSD FreeBSD 4.2 -STABLE
FreeBSD FreeBSD 4.2 -RELEASE
FreeBSD FreeBSD 4.2
FreeBSD FreeBSD 4.1.1 -STABLE
FreeBSD FreeBSD 4.1.1 -RELEASE
FreeBSD FreeBSD 4.1.1
FreeBSD FreeBSD 4.1
FreeBSD FreeBSD 4.0 .x
FreeBSD FreeBSD 4.0 -RELENG
FreeBSD FreeBSD 4.0 alpha
FreeBSD FreeBSD 4.0
FreeBSD FreeBSD 6.1 -STABLE
FreeBSD FreeBSD 6.1 -RELEASE
FreeBSD FreeBSD 5.4-STABLE
FreeBSD FreeBSD 4.10-PRERELEASE
Fortinet FortiMail 0
F-Secure Messaging Security Gateway X200 3.2.4 build 40
F-Secure Messaging Security Gateway X200 3.2.3 build 37
F-Secure Messaging Security Gateway X200 3.2.2 build 40
F-Secure Messaging Security Gateway X200 3.1 build 600
F-Secure Messaging Security Gateway X200 3.1
F-Secure Messaging Security Gateway P800 3.2.4 build 40
F-Secure Messaging Security Gateway P800 3.2.4
F-Secure Messaging Security Gateway P800 3.2.3 build 40
F-Secure Messaging Security Gateway P800 3.2.3 build 37
F-Secure Messaging Security Gateway P800 3.1 build 600
F-Secure Messaging Security Gateway P600 3.2.4
F-Secure Messaging Security Gateway P600 3.2.3 build 40
F-Secure Messaging Security Gateway P600 3.2.2 build 37
F-Secure Messaging Security Gateway P600 3.1 build 600
F-Secure Messaging Security Gateway P600 3.1 build 40
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Avaya Interactive Response 1.3
Avaya Interactive Response 1.2.1
Avaya Interactive Response 2.0
Avaya Interactive Response
Avaya CMS Server 13.0
Avaya CMS Server 12.0
Avaya CMS Server 11.0
Avaya CMS Server 9.0
Avaya CMS Server 13.1

- Unaffected program versions

Sendmail Consortium Sendmail 8.13.7
Fortinet FortiMail 2.8 build 083

- Vulnerability discussion

Sendmail is prone to a denial-of-service vulnerability because the application fails to properly handle malformed multi-part MIME messages.

An attacker can exploit this issue to crash the sendmail process during delivery.

- Exploitation

An attacker may trigger this issue by constructing a malicious email message and sending it to a vulnerable server.

- Solution

The vendor has released version 8.13.7 to address this issue.

Please see the referenced advisories for more information.


HP HP-UX B.11.00
Sendmail Consortium Sendmail 8.11.2
Sendmail Consortium Sendmail 8.11.3
Sendmail Consortium Sendmail 8.11.6
Sendmail Consortium Sendmail 8.11.7
Sendmail Consortium Sendmail 8.12 beta5
Sendmail Consortium Sendmail 8.12.1
Sendmail Consortium Sendmail 8.12.11
Sendmail Consortium Sendmail 8.12.4
Sendmail Consortium Sendmail 8.12.7
Sendmail Consortium Sendmail 8.12.8
Sendmail Consortium Sendmail 8.12.9
Sendmail Consortium Sendmail 8.13.5
Sendmail Consortium Sendmail 8.9.2
Sendmail Consortium Sendmail 8.9.3

- References

About the SCAP Chinese Community

The SCAP Chinese Community is the first open Chinese-language community in China devoted to SCAP. For more information, see [About this site].

Copyright notice

CVE, CWE and OVAL are registered trademarks of MITRE Corporation; their official data sources are maintained on MITRE's websites.