CVE-2006-4434
HIGH EXPLOITEDSendmail < 8.13.8 - Use-After-Free via Long Header Line
Title source: llmExploitation Summary
CVE-2006-4434 has been observed exploited in the wild (reported by VulnCheck KEV).
Description
Use-after-free vulnerability in Sendmail before 8.13.8 allows remote attackers to cause a denial of service (crash) via a long "header line", which causes a previously freed variable to be referenced. NOTE: the original developer has disputed the severity of this issue, saying "The only denial of service that is possible here is to fill up the disk with core dumps if the OS actually generates different core dumps (which is unlikely)... the bug is in the shutdown code (finis()) which leads directly to exit(3), i.e., the process would terminate anyway, no mail delivery or receiption is affected."
References (19)
Core 19
Core References
Release Notes vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata.html#sendmail3
Mailing List mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2006-August/000999.html
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1016753
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21637
Broken Link, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3994
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/28193
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21749
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21700
Broken Link vendor-advisory
x_refsource_debian
http://www.debian.org/security/2006/dsa-1164
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21641
Release Notes x_refsource_confirm
http://www.sendmail.org/releases/8.13.8.html
Broken Link, Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3393
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2006:156
Broken Link, Patch, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19714
Broken Link vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_21_sr.html
Broken Link vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102664-1
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/22369
Third Party Advisory vendor-advisory
x_refsource_openbsd
http://www.openbsd.org/errata38.html#sendmail3
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21696
Scores
CVSS v3
7.5
EPSS
0.0433
EPSS Percentile
90.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
VulnCheck KEV
2006-08-29
CWE
CWE-416
Status
published
Products (1)
sendmail/sendmail
< 8.13.8
Published
Aug 29, 2006
Tracked Since
Feb 18, 2026