FreeBSD : sendmail -- race condition vulnerability (08ac7b8b-bb30-11da-b2fb-000e0c2e438a)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Problem Description A race condition has been reported to exist in the
handling by sendmail of asynchronous signals. Impact A remote attacker
may be able to execute arbitrary code with the privileges of the user
running sendmail, typically root. Workaround There is no known
workaround other than disabling sendmail.

See also :

http://www.nessus.org/u?3228d048

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 21381 (freebsd_pkg_08ac7b8bbb3011dab2fb000e0c2e438a.nasl)

Bugtraq ID:

CVE ID: CVE-2006-0058

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial