FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-0058

This CVE name corresponds to:

Entered: 2006-03-24
Topic: sendmail -- race condition vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2006-0058
Phase: Assigned (20060101)

Description

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

References

Source Reference
BUGTRAQ 20060322 sendmail vuln advisories (CVE-2006-0058)
ISS 20060322 Sendmail Remote Signal Handling Vulnerability
CONFIRM http://www.sendmail.com/company/advisory/index.shtml
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm
CONFIRM http://www.f-secure.com/security/fsc-2006-2.shtml
CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm
CONFIRM http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688
CONFIRM http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751
AIXAPAR IY82992
AIXAPAR IY82993
AIXAPAR IY82994
DEBIAN DSA-1015
FEDORA FLSA:186277
FEDORA FEDORA-2006-193
FEDORA FEDORA-2006-194
FREEBSD FreeBSD-SA-06:13
GENTOO GLSA-200603-21
HP HPSBUX02108
HP SSRT061133
HP HPSBTU02116
HP SSRT061135
MANDRIVA MDKSA-2006:058
NETBSD NetBSD-SA2006-010
OPENBSD [3.8] 006: SECURITY FIX: March 25, 2006
OPENPKG OpenPKG-SA-2006.007
REDHAT RHSA-2006:0264
REDHAT RHSA-2006:0265
SCO SCOSA-2006.24
SGI 20060302-01-P
SGI 20060401-01-U
SLACKWARE SSA:2006-081-01
SUNALERT 102262
SUNALERT 102324
SUNALERT 200494
SUSE SUSE-SA:2006:017
CERT TA06-081A
CERT-VN VU#834865
CIAC Q-151
BID 17192
OVAL oval:org.mitre.oval:def:11074
VUPEN ADV-2006-1049
VUPEN ADV-2006-1051
VUPEN ADV-2006-1068
VUPEN ADV-2006-1072
VUPEN ADV-2006-1139
VUPEN ADV-2006-1157
VUPEN ADV-2006-1529
VUPEN ADV-2006-2189
VUPEN ADV-2006-2490
OSVDB 24037
OVAL oval:org.mitre.oval:def:1689
SECTRACK 1015801
SECUNIA 19342
SECUNIA 19363
SECUNIA 19367
SECUNIA 19368
SECUNIA 19404
SECUNIA 19407
SECUNIA 19349
SECUNIA 19360
SECUNIA 19361
SECUNIA 19394
SECUNIA 19450
SECUNIA 19466
SECUNIA 19533
SECUNIA 19532
SECUNIA 19345
SECUNIA 19346
SECUNIA 19356
SECUNIA 19676
SECUNIA 19774
SECUNIA 20243
SECUNIA 20723
SREASON 612
SREASON 743
XF smtp-timeout-bo(24584)