GLSA-200603-21 : Sendmail: Race condition in the handling of asynchronous signals
High Nessus Plugin ID 21128
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200603-21 (Sendmail: Race condition in the handling of asynchronous signals)
ISS discovered that Sendmail is vulnerable to a race condition in the handling of asynchronous signals.
An attacker could exploit this via certain crafted timing conditions.
There is no known workaround at this time.
SolutionAll Sendmail users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=mail-mta/sendmail-8.13.6'