CVE-2006-1173

EPSS 21.5%

sendmail - programming error

Published: 6/7/2006Modified: 4/28/2026

Description

Sendmail before 8.13.7 allows remote attackers to cause a denial of service via deeply nested, malformed multipart MIME messages that exhaust the stack during the recursive mime8to7 function for performing 8-bit to 7-bit conversion, which prevents Sendmail from delivering queued messages and might lead to disk consumption by core dump files.

Affected packages (2)

Debian/sendmailfrom 0, < 8.13.7-1
Debian/sendmailfrom 0, < 8.13.4-3sarge2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-1173