Vulnerabilities > CVE-2006-7175 - Unspecified vulnerability in Sendmail 8.13.1.2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sendmail

NVD

Published: 2007-03-27

Updated: 2024-11-21

Summary

The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not allow the administrator to disable SSLv2 encryption, which could cause less secure channels to be used than desired.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Enterprise Linux 4.0	1
Application	Sendmail Sendmail Sendmail 8.13.1.2	1

Statements

contributor	Mark J Cox
lastmodified	2007-04-27
organization	Red Hat
statement	DISPUTED Sendmail classes the CipherList directive as "for future release"; currently unsupported and undocumented. Therefore the lack of support for the CipherList directive in various Red Hat products is not a vulnerability.

References

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172352
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=172352