PT-2006-1146 · Sendmail+2 · Sendmail+2

Mark Dowd

Publicado

2006-03-22

Atualizado

2018-10-19

CVE-2006-0058

CVSS v2.0

7.6

Alta

Vetor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Sendmail versions 8.13.x through 8.13.5

Description: A signal handler race condition allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

Recommendations: For Sendmail versions 8.13.x through 8.13.5, update to version 8.13.6 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-0058

DSA-1015-1

HPSBUX02108

RHSA-2006:0264

RHSA-2006_0264

Produtos afetados

Hp-Ux

Red Hat

Sendmail

PT-2006-1146 · Sendmail+2 · Sendmail+2

CVE-2006-0058

Identificadores relacionados

Produtos afetados

Referências · 83