CVE-2006-0058

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt

ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P

ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555

http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635

http://secunia.com/advisories/19342

http://secunia.com/advisories/19345

http://secunia.com/advisories/19346

http://secunia.com/advisories/19349

http://secunia.com/advisories/19356

http://secunia.com/advisories/19360

http://secunia.com/advisories/19361

http://secunia.com/advisories/19363

http://secunia.com/advisories/19367

http://secunia.com/advisories/19368

http://secunia.com/advisories/19394

http://secunia.com/advisories/19404

http://secunia.com/advisories/19407

http://secunia.com/advisories/19450

http://secunia.com/advisories/19466

http://secunia.com/advisories/19532

http://secunia.com/advisories/19533

http://secunia.com/advisories/19676

http://secunia.com/advisories/19774

http://secunia.com/advisories/20243

http://secunia.com/advisories/20723

http://securityreason.com/securityalert/612

http://securityreason.com/securityalert/743

http://securitytracker.com/id?1015801

http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1

http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1

http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm

http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm

http://www.ciac.org/ciac/bulletins/q-151.shtml

http://www.debian.org/security/2006/dsa-1015

http://www.f-secure.com/security/fsc-2006-2.shtml

http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml

http://www.iss.net/threats/216.html

http://www.kb.cert.org/vuls/id/834865

http://www.mandriva.com/security/advisories?name=MDKSA-2006:058

http://www.novell.com/linux/security/advisories/2006_17_sendmail.html

http://www.openbsd.org/errata38.html#sendmail

http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html

http://www.osvdb.org/24037

http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html

http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html

http://www.redhat.com/support/errata/RHSA-2006-0264.html

http://www.redhat.com/support/errata/RHSA-2006-0265.html

http://www.securityfocus.com/archive/1/428536/100/0/threaded

http://www.securityfocus.com/archive/1/428656/100/0/threaded

http://www.securityfocus.com/bid/17192

http://www.sendmail.com/company/advisory/index.shtml

http://www.us-cert.gov/cas/techalerts/TA06-081A.html

http://www.vupen.com/english/advisories/2006/1049

http://www.vupen.com/english/advisories/2006/1051

http://www.vupen.com/english/advisories/2006/1068

http://www.vupen.com/english/advisories/2006/1072

http://www.vupen.com/english/advisories/2006/1139

http://www.vupen.com/english/advisories/2006/1157

http://www.vupen.com/english/advisories/2006/1529

http://www.vupen.com/english/advisories/2006/2189

http://www.vupen.com/english/advisories/2006/2490

http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only

http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only

http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688

http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751

https://exchange.xforce.ibmcloud.com/vulnerabilities/24584

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689

Details

Source: MITRE

Published: 2006-03-22

Updated: 2018-10-19

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

Tenable Plugins

View all (23 total)

IDNameProductFamilySeverity
65293AIX 5.2 TL 8 : bos.net.tcp.client (U806006)NessusAIX Local Security Checks
high
65291AIX 5.3 TL 4 / 5.3 TL 5 : bos.net.tcp.client (U805069)NessusAIX Local Security Checks
high
26135HP-UX PHNE_35485 : s700_800 11.23 sendmail(1M) 8.11.1 patchNessusHP-UX Local Security Checks
critical
26134HP-UX PHNE_35484 : s700_800 11.11 sendmail(1M) 8.9.3 patchNessusHP-UX Local Security Checks
critical
26133HP-UX PHNE_35483 : s700_800 11.00 sendmail(1M) 8.9.3 patchNessusHP-UX Local Security Checks
critical
22557Debian DSA-1015-1 : sendmail - programming errorNessusDebian Local Security Checks
high
22175HP-UX PHNE_34927 : s700_800 11.04 (VVOS) sendmail(1m) 8.9.3 patchNessusHP-UX Local Security Checks
high
21893CentOS 3 / 4 : sendmail (CESA-2006:0264)NessusCentOS Local Security Checks
high
21653HP-UX PHNE_32006 : HP-UX Running sendmail, Remote Execution of Arbitrary Code (HPSBUX02108 SSRT061133 rev.15)NessusHP-UX Local Security Checks
high
21381FreeBSD : sendmail -- race condition vulnerability (08ac7b8b-bb30-11da-b2fb-000e0c2e438a)NessusFreeBSD Local Security Checks
high
21260Solaris 10 (sparc) : 122856-03NessusSolaris Local Security Checks
high
21191Fedora Core 4 : sendmail-8.13.6-0.FC4.1 (2006-194)NessusFedora Local Security Checks
high
21190Fedora Core 5 : sendmail-8.13.6-0.FC5.1 (2006-193)NessusFedora Local Security Checks
high
3487Sendmail < 8.13.6 Signal Handler Remote OverflowNessus Network MonitorSMTP Servers
high
21135RHEL 2.1 : sendmail (RHSA-2006:0265)NessusRed Hat Local Security Checks
high
21134RHEL 3 / 4 : sendmail (RHSA-2006:0264)NessusRed Hat Local Security Checks
high
21132Mandrake Linux Security Advisory : sendmail (MDKSA-2006:058)NessusMandriva Local Security Checks
high
21128GLSA-200603-21 : Sendmail: Race condition in the handling of asynchronous signalsNessusGentoo Local Security Checks
high
21121Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : sendmail (SSA:2006-081-01)NessusSlackware Local Security Checks
high
13592Solaris 9 (x86) : 114137-10NessusSolaris Local Security Checks
high
13541Solaris 9 (sparc) : 113575-11NessusSolaris Local Security Checks
high
13454Solaris 8 (x86) : 110616-18NessusSolaris Local Security Checks
high
13350Solaris 8 (sparc) : 110615-18NessusSolaris Local Security Checks
high