CVE-2006-7176

Published: Mar 27, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.

Affected (1)

Products: Sendmail: Sendmail

Sendmail

1 product

Sendmail

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Sendmail Sendmail	Version 8.13.1.2

Running on/with	Platform Versions
Redhat Enterprise Linux	Version 4.0 update4

References (14)

http://secunia.com/advisories/25098

Source: cve@mitre.org

http://secunia.com/advisories/25743

Source: cve@mitre.org

http://support.avaya.com/elmodocs2/security/ASA-2007-248.htm

Source: cve@mitre.org

http://www.redhat.com/support/errata/RHSA-2007-0252.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/23742

Source: cve@mitre.org

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=171838

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11499

Source: cve@mitre.org

http://secunia.com/advisories/25098