CVE-2006-7176

7 documents6 sources
Severity
4.3MEDIUM
EPSS
0.7%
top 27.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Sendmail Sendmail
Timeline
PublishedMar 27
Latest updateMay 1

Description

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDsendmail/sendmail8.13.1.2

🔴Vulnerability Details

2
GHSA
GHSA-r38f-v7c5-grvh: The version of Sendmail 82022-05-01
CVEList
CVE-2006-7176: The version of Sendmail 82007-03-27

📋Vendor Advisories

2
Debian
CVE-2006-7176: sendmail - The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earl...2006
Red Hat
sendmail allows external mail with from address [email protected]2005-10-26

💬Community

2
Bugzilla
CVE-2006-7176 sendmail allows external mail with from address [email protected]2007-05-01
Bugzilla
CVE-2006-7176 sendmail allows external mail with from address [email protected]2005-10-26
CVE-2006-7176 (MEDIUM CVSS 4.3) | The version of Sendmail 8.13.1-2 on | cvebase.io