PT-2007-1454 · Sendmail+1 · Sendmail+1

Nathan.J.Olson

Published

2007-03-27

Updated

2017-10-11

CVE-2006-7176

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Sendmail versions 8.13.1-2 and earlier on Red Hat Enterprise Linux 4 Update 4 and earlier

Description The issue allows remote attackers to potentially spoof messages by not rejecting the "localhost.localdomain" domain name for e-mail messages coming from external hosts.

Recommendations For Sendmail version 8.13.1-2 and earlier on Red Hat Enterprise Linux 4 Update 4 and earlier, consider updating to a newer version that rejects the "localhost.localdomain" domain name for e-mail messages from external hosts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-7176

RHSA-2007:0252

RHSA-2007_0252

RHSA-2010:0237

RHSA-2010_0237

Affected Products

Red Hat

Sendmail

PT-2007-1454 · Sendmail+1 · Sendmail+1

CVE-2006-7176

Related Identifiers

Affected Products

References · 13