Sendmail Race Condition in Signal Handler May Let Remote Users Trigger a Buffer Overflow to Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1015801
|
|
SecurityTracker URL: http://securitytracker.com/id?1015801
|
|
CVE Reference: CVE-2006-0058
(Links to External Site)
|
Updated: Mar 22 2006
|
Original Entry Date: Mar 22 2006
|
Impact: Execution of arbitrary code via network, Root access via network
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): prior to 8.13.6
|
Description: A vulnerability was reported in Sendmail. A remote user may be able to execute arbitrary code on the target system.
Under certain specific timing conditions, a remote user can send specially crafted e-mail data to the target system to exploit a
race condition in a signal handler and trigger a buffer overflow. This may allow the remote user to execute arbitrary code on the
target system with the privileges of the sendmail process.
ISS discovered this vulnerability.
The original advisory is available
at:
http://xforce.iss.net/xforce/xfdb/24584
|
Impact: A remote user can execute arbitrary code on the target system with the privileges of the sendmail process (typically root privileges).
|
Solution: The vendor has issued a fixed version (8.13.6), available at:
http://www.sendmail.org/8.13.6.html
A patch is also available
for 8.13.5:
ftp://ftp.sendmail.org/pub/sendmail/8.13.5.p0
A patch is also available for 8.12.11:
ftp://ftp.sendmail.org/pub/sendmail/8.12.11.p0
|
Vendor URL: www.sendmail.org/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Linux (Any), UNIX (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Wed, 22 Mar 2006 14:25:25 -0500
Subject: Sendmail vulnerability
|
http://www.sendmail.com/company/advisory/index.shtml
CVE-2006-0058
|
|
