SMTP: Header Line Overflow
This signature detects SMTP transactions with large header lines. Malicious users can attempt to crash the SMTP service by sending large header lines in an e-mail message.
Extended Description
Sendmail is prone to a remote code-execution vulnerability. Remote attackers may leverage this issue to execute arbitrary code with the privileges of the application, which typically runs as superuser. Versions prior to Sendmail 8.13.6 are vulnerable to this issue.
Affected Products
Avaya communication_manager_server_s8500,Hp tru64
References
BugTraq: 17192
CVE: CVE-2006-0058
URL: http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml
Short Name
SMTP:OVERFLOW:HEADER-LINE-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
CVE-2006-0058 Header Line Overflow bid:17192
Release Date
03/24/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
F-secure
Nortel_networks
Conectiva
Openbsd
Freebsd
Gentoo
Sun
Hp
Turbolinux
Avaya
Debian
Sgi
Slackware
Openpkg
Mandriva
Suse
Sendmail_consortium
Sco
Netbsd
Ibm
CVSS Score
7.6