Oval Definition:oval:com.redhat.rhsa:def:20060515
Revision Date:2008-03-20Version:647
Title:RHSA-2006:0515: sendmail security update (Important)
Description:Sendmail is a Mail Transport Agent (MTA) used to send mail between machines.

A flaw in the handling of multi-part MIME messages was discovered in Sendmail. A remote attacker could create a carefully crafted message that could crash the sendmail process during delivery (CVE-2006-1173). By default on Red Hat Enterprise Linux, Sendmail is configured to only accept connections from the local host. Therefore, only users who have configured Sendmail to listen to remote hosts would be remotely vulnerable to this issue.

Users of Sendmail are advised to upgrade to these erratum packages, which contain a backported patch from the Sendmail team to correct this issue.
Family:unixClass:patch
Status:Reference(s):CVE-2006-1173
RHSA-2006:0515
RHSA-2006:0515-02
RHSA-2006:0515-02
Platform(s):Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • sendmail-devel is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail-devel is signed with Red Hat master key
  • sendmail-doc is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail-doc is signed with Red Hat master key
  • sendmail is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail is signed with Red Hat master key
  • sendmail-cf is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail-cf is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • sendmail is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail is signed with Red Hat master key
  • sendmail-devel is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-devel is signed with Red Hat master key
  • sendmail-cf is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-cf is signed with Red Hat master key
  • sendmail-doc is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-doc is signed with Red Hat master key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • sendmail is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail is signed with Red Hat master key
  • sendmail-cf is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail-cf is signed with Red Hat master key
  • sendmail-devel is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail-devel is signed with Red Hat master key
  • sendmail-doc is earlier than 0:8.12.11-4.RHEL3.6
  • AND sendmail-doc is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • sendmail is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail is signed with Red Hat master key
  • sendmail-cf is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-cf is signed with Red Hat master key
  • sendmail-devel is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-devel is signed with Red Hat master key
  • sendmail-doc is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-doc is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • sendmail is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail is signed with Red Hat redhatrelease2 key
  • sendmail-cf is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-cf is signed with Red Hat redhatrelease2 key
  • sendmail-devel is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-devel is signed with Red Hat redhatrelease2 key
  • sendmail-doc is earlier than 0:8.13.1-3.RHEL4.5
  • AND sendmail-doc is signed with Red Hat redhatrelease2 key
    • BACK