Lucene search

[email protected]CVE-2006-7176

HistoryMar 27, 2007 - 11:19 p.m.

CVE-2006-7176

2007-03-2723:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

sendmail

red hat enterprise linux

cve-2006-7176

spoofing

security vulnerability

6.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.011 Low

EPSS

Percentile

84.2%

JSON

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the “localhost.localdomain” domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.

CPENameOperatorVersion
sendmail:sendmailsendmaileq8.13.1.2

CPE	Name	Operator	Version
sendmail:sendmail	sendmail	eq	8.13.1.2

References

secunia.com/advisories/25098

secunia.com/advisories/25743

support.avaya.com/elmodocs2/security/ASA-2007-248.htm

www.redhat.com/support/errata/RHSA-2007-0252.html

www.securityfocus.com/bid/23742

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171838

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11499

6.3 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.011 Low

EPSS

Percentile

84.2%

JSON

Related for CVE-2006-7176

oraclelinux2 nessus7 veracode1 redhat2 centos1 ubuntucve1 debiancve1 openvas3