PT-2006-1146 · Sendmail+2 · Sendmail+2

Mark Dowd · Published 2006-03-22 · Updated 2018-10-19 · CVE-2006-0058

CVSS v2.0: 7.6 (High)

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Sendmail versions 8.13.x through 8.13.5
Description: A signal handler race condition allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Recommendations: For Sendmail versions 8.13.x through 8.13.5, update to version 8.13.6 or later to resolve the issue.


Related Identifiers

CVE-2006-0058
DSA-1015-1
HPSBUX02108
RHSA-2006:0264
RHSA-2006_0264

Affected Products

HP-UX
Red Hat
Sendmail