CVE-2006-0058 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-0058
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-0058

Description: Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/24584 SUSE http://www.novell.com/linux/security/advisories/2006_17_sendmail.html SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1 ST 1015801 SREASON http://securityreason.com/securityalert/612 http://securityreason.com/securityalert/743 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600 SGI SCO SAID Secunia Advisory: SA19360 Secunia Advisory: SA19361 Secunia Advisory: SA19407 Secunia Advisory: SA19367 Secunia Advisory: SA19368 Secunia Advisory: SA19404 Secunia Advisory: SA19363 Secunia Advisory: SA19342 Secunia Advisory: SA19349 Secunia Advisory: SA19394 Secunia Advisory: SA19450 Secunia Advisory: SA19466 Secunia Advisory: SA19533 Secunia Advisory: SA19532 Secunia Advisory: SA19345 Secunia Advisory: SA19346 Secunia Advisory: SA19356 Secunia Advisory: SA19676 Secunia Advisory: SA19774 Secunia Advisory: SA20243 Secunia Advisory: SA20723 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0265.html http://www.redhat.com/support/errata/RHSA-2006-0264.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1689 OSVDB 24037 OPENPKG http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html OPENBSD http://www.openbsd.org/errata38.html#sendmail NETBSD MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:058 ISS http://xforce.iss.net/xforce/alerts/id/216 HP http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml FREEBSD FEDORA http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html http://www.securityfocus.com/archive/1/archive/1/428656/100/0/threaded DEBIAN http://www.debian.org/security/2006/dsa-1015 CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751 http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688 http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm http://www.f-secure.com/security/fsc-2006-2.shtml http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm http://www.sendmail.com/company/advisory/index.shtml CIAC http://www.ciac.org/ciac/bulletins/q-151.shtml CERT-VN 834865 CERT http://www.us-cert.gov/cas/techalerts/TA06-081A.html BUGTRAQ http://www.securityfocus.com/archive/1/428536/100/0/threaded BID 17192 AIXAPAR http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only

Return to the previous page.