Signature Detail
Short Name |
SMTP:OVERFLOW:HEADER-LINE-OF |
|---|---|
Severity |
High |
Recommended |
No |
Category |
SMTP |
Keywords |
Header Line Overflow |
Release Date |
2006/03/24 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
SMTP: Header Line Overflow
This signature detects SMTP transactions with large header lines. Malicious users can attempt to crash the SMTP service by sending large header lines in an e-mail message.
Extended Description
Sendmail is prone to a remote code-execution vulnerability. Remote attackers may leverage this issue to execute arbitrary code with the privileges of the application, which typically runs as superuser. Versions prior to Sendmail 8.13.6 are vulnerable to this issue.
Affected Products
- Avaya CMS Server 11.0.0
- Avaya CMS Server 12.0.0
- Avaya CMS Server 13.0.0
- Avaya CMS Server 13.1
- Avaya CMS Server 9.0.0
- Avaya Communication Manager Server S8300
- Avaya Communication Manager Server S8500
- Avaya Communication Manager Server S8700
- Avaya Interactive Response 1.2.1
- Avaya Interactive Response 1.3.0
- Avaya Interactive Response
- Conectiva Linux 10.0.0
- Debian Linux 3.0.0
- Debian Linux 3.0.0 Alpha
- Debian Linux 3.0.0 Arm
- Debian Linux 3.0.0 Hppa
- Debian Linux 3.0.0 Ia-32
- Debian Linux 3.0.0 Ia-64
- Debian Linux 3.0.0 M68k
- Debian Linux 3.0.0 Mips
- Debian Linux 3.0.0 Mipsel
- Debian Linux 3.0.0 Ppc
- Debian Linux 3.0.0 S/390
- Debian Linux 3.0.0 Sparc
- Debian Linux 3.1.0
- Debian Linux 3.1.0 Alpha
- Debian Linux 3.1.0 Amd64
- Debian Linux 3.1.0 Arm
- Debian Linux 3.1.0 Hppa
- Debian Linux 3.1.0 Ia-32
- Debian Linux 3.1.0 Ia-64
- Debian Linux 3.1.0 M68k
- Debian Linux 3.1.0 Mips
- Debian Linux 3.1.0 Mipsel
- Debian Linux 3.1.0 Ppc
- Debian Linux 3.1.0 S/390
- Debian Linux 3.1.0 Sparc
- FreeBSD 1.1.5 .1
- FreeBSD 2.0.0
- FreeBSD 2.0.5
- FreeBSD 2.1.0
- FreeBSD 2.1.0 X
- FreeBSD 2.1.5
- FreeBSD 2.1.6
- FreeBSD 2.1.6 .1
- FreeBSD 2.1.7 .1
- FreeBSD 2.2.0
- FreeBSD 2.2.0 X
- FreeBSD 2.2.2
- FreeBSD 2.2.3
- FreeBSD 2.2.4
- FreeBSD 2.2.5
- FreeBSD 2.2.6
- FreeBSD 2.2.8
- FreeBSD 2.X
- FreeBSD 3.0.0
- FreeBSD 3.0.0 -RELENG
- FreeBSD 3.1.0
- FreeBSD 3.1.0 X
- FreeBSD 3.2.0
- FreeBSD 3.2.0 X
- FreeBSD 3.3.0
- FreeBSD 3.3.0 X
- FreeBSD 3.4.0
- FreeBSD 3.4.0 X
- FreeBSD 3.5.0
- FreeBSD 3.5.0 -STABLE
- FreeBSD 3.5.0 -Stablepre050201
- FreeBSD 3.5.0 -Stablepre122300
- FreeBSD 3.5.0 X
- FreeBSD 3.5.1
- FreeBSD 3.5.1 -RELEASE
- FreeBSD 3.5.1 -STABLE
- FreeBSD 3.5.1 -Stablepre2001-07-20
- FreeBSD 3.X
- FreeBSD 4.0.0
- FreeBSD 4.0.0 Alpha
- FreeBSD 4.0.0 -RELENG
- FreeBSD 4.0.0 .X
- FreeBSD 4.1.0
- FreeBSD 4.10.0
- FreeBSD 4.10.0 -RELEASE
- FreeBSD 4.10.0 -RELEASE-P8
- FreeBSD 4.10.0 -RELENG
- FreeBSD 4.10-PRERELEASE
- FreeBSD 4.1.1
- FreeBSD 4.11.0 -RELEASE-P3
- FreeBSD 4.11.0 -RELENG
- FreeBSD 4.11.0 -STABLE
- FreeBSD 4.1.1 -RELEASE
- FreeBSD 4.1.1 -STABLE
- FreeBSD 4.2.0
- FreeBSD 4.2.0 -RELEASE
- FreeBSD 4.2.0 -STABLE
- FreeBSD 4.2.0 -Stablepre050201
- FreeBSD 4.2.0 -Stablepre122300
- FreeBSD 4.3.0
- FreeBSD 4.3.0 -RELEASE
- FreeBSD 4.3.0 -RELEASE-P38
- FreeBSD 4.3.0 -RELENG
- FreeBSD 4.3.0 -STABLE
- FreeBSD 4.4.0
- FreeBSD 4.4.0 -RELEASE-P42
- FreeBSD 4.4.0 -RELENG
- FreeBSD 4.4.0 -STABLE
- FreeBSD 4.5.0
- FreeBSD 4.5.0 -RELEASE
- FreeBSD 4.5.0 -RELEASE-P32
- FreeBSD 4.5.0 -RELENG
- FreeBSD 4.5.0 -STABLE
- FreeBSD 4.5.0 -Stablepre2002-03-07
- FreeBSD 4.6.0
- FreeBSD 4.6.0 -RELEASE
- FreeBSD 4.6.0 -RELEASE-P20
- FreeBSD 4.6.0 -RELENG
- FreeBSD 4.6.0 -STABLE
- FreeBSD 4.6.2
- FreeBSD 4.7.0
- FreeBSD 4.7.0 -RELEASE
- FreeBSD 4.7.0 -RELEASE-P17
- FreeBSD 4.7.0 -RELENG
- FreeBSD 4.7.0 -STABLE
- FreeBSD 4.8.0
- FreeBSD 4.8.0 -PRERELEASE
- FreeBSD 4.8.0 -RELEASE-P7
- FreeBSD 4.8.0 -RELENG
- FreeBSD 4.9.0
- FreeBSD 4.9.0 -PRERELEASE
- FreeBSD 4.9.0 -RELENG
- FreeBSD 5.0.0
- FreeBSD 5.0.0 Alpha
- FreeBSD 5.0.0 -RELEASE-P14
- FreeBSD 5.0.0 -RELENG
- FreeBSD 5.1.0
- FreeBSD 5.1.0 -RELEASE
- FreeBSD 5.1.0 -RELEASE/Alpha
- FreeBSD 5.1.0 -RELEASE-P5
- FreeBSD 5.1.0 -RELENG
- FreeBSD 5.2.0
- FreeBSD 5.2.0 -RELEASE
- FreeBSD 5.2.0 -RELENG
- FreeBSD 5.2.1 -RELEASE
- FreeBSD 5.3.0
- FreeBSD 5.3.0 -RELEASE
- FreeBSD 5.3.0 -RELENG
- FreeBSD 5.3.0 -STABLE
- FreeBSD 5.4.0 -PRERELEASE
- FreeBSD 5.4.0 -RELEASE
- FreeBSD 5.4.0 -RELENG
- FreeBSD 5.4-STABLE
- FreeBSD 6.0.0 -RELEASE
- FreeBSD 6.0.0 -STABLE
- F-Secure Messaging Security Gateway P600 3.2.4
- F-Secure Messaging Security Gateway P800 3.2.4
- F-Secure Messaging Security Gateway X200 3.1.0
- Gentoo Linux
- HP HP-UX 11.0.0
- HP HP-UX 11.11.0
- HP HP-UX 11.23.0
- HP HP-UX B.11.00
- HP HP-UX B.11.04
- HP HP-UX B.11.11
- HP HP-UX B.11.23
- HP Internet Express 6.3
- HP Internet Express 6.4
- HP Internet Express 6.5
- HP Tru64 4.0.0 F PK8
- HP Tru64 4.0.0 G PK4
- HP Tru64 5.1.0 A PK6
- HP Tru64 5.1.0 B-2 PK4
- HP Tru64 5.1.0 B-3
- IBM AIX 5.1
- IBM AIX 5.1.0 L
- IBM AIX 5.2
- IBM AIX 5.2.0 L
- IBM AIX 5.3
- IBM AIX 5.3.0 L
- IBM Hardware Management Console (HMC) 5.2.1
- Mandriva Corporate Server 3.0.0
- Mandriva Corporate Server 3.0.0 X86 64
- Mandriva Linux Mandrake 10.2.0
- Mandriva Linux Mandrake 10.2.0 X86 64
- Mandriva Linux Mandrake 2006.0.0
- Mandriva Linux Mandrake 2006.0.0 X86 64
- Mandriva Multi Network Firewall 2.0.0
- NetBSD 1.6.0
- NetBSD 1.6.0 Beta
- NetBSD 1.6.1
- NetBSD 1.6.2
- NetBSD 2.0.0
- NetBSD 2.0.1
- NetBSD 2.0.2
- NetBSD 2.0.3
- NetBSD 2.1.0
- NetBSD 3.0.0
- Nortel Networks W-NMS-CNM 1.0
- Nortel Networks W-NMS-GPRS 4.2
- Nortel Networks W-NMS-UMTS 4.2
- OpenBSD 2.0.0
- OpenBSD 2.1.0
- OpenBSD 2.2.0
- OpenBSD 2.3.0
- OpenBSD 2.4.0
- OpenBSD 2.5.0
- OpenBSD 2.6.0
- OpenBSD 2.7.0
- OpenBSD 2.8.0
- OpenBSD 2.9.0
- OpenBSD 3.0
- OpenBSD 3.1
- OpenBSD 3.2
- OpenBSD 3.3
- OpenBSD 3.4
- OpenBSD 3.5
- OpenBSD 3.6
- OpenBSD 3.7
- OpenBSD 3.8
- OpenPKG 2.3.0
- OpenPKG 2.4.0
- OpenPKG 2.5.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0
- Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
- Red Hat Enterprise Linux AS 2.1
- Red Hat Enterprise Linux AS 2.1 IA64
- Red Hat Enterprise Linux AS 3
- Red Hat Enterprise Linux AS 4
- Red Hat Enterprise Linux ES 2.1
- Red Hat Enterprise Linux ES 2.1 IA64
- Red Hat Enterprise Linux ES 3
- Red Hat Enterprise Linux ES 4
- Red Hat Enterprise Linux WS 2.1
- Red Hat Enterprise Linux WS 2.1 IA64
- Red Hat Enterprise Linux WS 3
- Red Hat Enterprise Linux WS 4
- Red Hat Fedora Core1
- Red Hat Fedora Core2
- Red Hat Fedora Core3
- Red Hat Fedora Core4
- Red Hat Fedora Core5
- Red Hat Linux 7.3.0 I386
- Red Hat Linux 9.0.0 I386
- SCO Open Server 6.0.0
- SCO Unixware 7.1.3
- SCO Unixware 7.1.4
- Sendmail Consortium Sendmail 8.10.0
- Sendmail Consortium Sendmail 8.10.1
- Sendmail Consortium Sendmail 8.10.2
- Sendmail Consortium Sendmail 8.11.0
- Sendmail Consortium Sendmail 8.11.1
- Sendmail Consortium Sendmail 8.11.2
- Sendmail Consortium Sendmail 8.11.3
- Sendmail Consortium Sendmail 8.11.4
- Sendmail Consortium Sendmail 8.11.5
- Sendmail Consortium Sendmail 8.11.6
- Sendmail Consortium Sendmail 8.11.7
- Sendmail Consortium Sendmail 8.12.0 .0
- Sendmail Consortium Sendmail 8.12.0 Beta10
- Sendmail Consortium Sendmail 8.12.0 Beta12
- Sendmail Consortium Sendmail 8.12.0 Beta16
- Sendmail Consortium Sendmail 8.12.0 Beta5
- Sendmail Consortium Sendmail 8.12.0 Beta7
- Sendmail Consortium Sendmail 8.12.1
- Sendmail Consortium Sendmail 8.12.10
- Sendmail Consortium Sendmail 8.12.11
- Sendmail Consortium Sendmail 8.12.2
- Sendmail Consortium Sendmail 8.12.3
- Sendmail Consortium Sendmail 8.12.4
- Sendmail Consortium Sendmail 8.12.5
- Sendmail Consortium Sendmail 8.12.6
- Sendmail Consortium Sendmail 8.12.7
- Sendmail Consortium Sendmail 8.12.8
- Sendmail Consortium Sendmail 8.12.9
- Sendmail Consortium Sendmail 8.13.3
- Sendmail Consortium Sendmail 8.13.4
- Sendmail Consortium Sendmail 8.13.5
- Sendmail Consortium Sendmail 8.8.8
- Sendmail Consortium Sendmail 8.9.0 .0
- Sendmail Consortium Sendmail 8.9.1
- Sendmail Consortium Sendmail 8.9.2
- Sendmail Consortium Sendmail 8.9.3
- SGI IRIX 6.5.19
- SGI IRIX 6.5.19 F
- SGI IRIX 6.5.19 M
- SGI IRIX 6.5.20
- SGI IRIX 6.5.20 F
- SGI IRIX 6.5.20 M
- SGI IRIX 6.5.21
- SGI IRIX 6.5.21 F
- SGI IRIX 6.5.21 M
- SGI IRIX 6.5.22
- SGI IRIX 6.5.22 m
- SGI IRIX 6.5.23
- SGI IRIX 6.5.23 M
- SGI IRIX 6.5.24
- SGI IRIX 6.5.24 M
- SGI IRIX 6.5.25
- SGI IRIX 6.5.26
- SGI IRIX 6.5.27
- SGI IRIX 6.5.28
- SGI IRIX 6.5.29
- SGI ProPack 3.0.0 SP6
- Slackware Linux 10.0.0
- Slackware Linux 10.1.0
- Slackware Linux 10.2.0
- Slackware Linux 8.1.0
- Slackware Linux 9.0.0
- Slackware Linux 9.1.0
- Slackware Linux -Current
- Sun Cobalt RaQ 4
- Sun Cobalt RaQ 550
- Sun Cobalt RaQ XTR
- Sun Solaris 10 Sparc
- Sun Solaris 10 X86
- Sun Solaris 9 Sparc
- Sun Solaris 9 X86
- SuSE Linux Personal 10.0.0 OSS
- SuSE Linux Personal 9.1.0
- SuSE Linux Personal 9.1.0 X86 64
- SuSE Linux Personal 9.2.0
- SuSE Linux Personal 9.2.0 X86 64
- SuSE Linux Personal 9.3.0
- SuSE Linux Personal 9.3.0 X86 64
- SuSE Linux Professional 10.0.0 OSS
- SuSE Linux Professional 9.1.0
- SuSE Linux Professional 9.1.0 X86 64
- SuSE Linux Professional 9.2.0
- SuSE Linux Professional 9.2.0 X86 64
- SuSE Linux Professional 9.3.0
- SuSE Linux Professional 9.3.0 X86 64
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 9
- SuSE UnitedLinux 1.0.0
- Turbolinux Appliance Server 1.0.0 Hosting Edition
- Turbolinux Appliance Server 1.0.0 Workgroup Edition
- Turbolinux Appliance Server 2.0
- Turbolinux Appliance Server Hosting Edition 1.0.0
- Turbolinux Appliance Server Workgroup Edition 1.0.0
- Turbolinux Turbolinux Workstation 7.0.0
- Turbolinux Turbolinux Workstation 8.0.0
References
- BugTraq: 17192
- CVE: CVE-2006-0058
- URL: http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml