Published: 22/03/2006 Updated: 19/10/2018

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Subscribe to Sendmail

Signal handler race condition in Sendmail 8.13.x prior to 8.13.6 allows remote malicious users to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sendmail sendmail 8.13.2
sendmail sendmail 8.13.3
sendmail sendmail 8.13.0
sendmail sendmail 8.13.1
sendmail sendmail 8.13.4
sendmail sendmail 8.13.5

Debian Bug report logs - #358440 sendmail: race, exec arbitrary, fixed 8136 Package: sendmail; Maintainer for sendmail is Debian QA Group <packages@qadebianorg>; Source for sendmail is src:sendmail (PTS, buildd, popcon) Reported by: Paul Szabo <psz@mathsusydeduau> Date: Wed, 22 Mar 2006 19:33:04 UTC Severity: ...

Mark Dowd discovered a flaw in the handling of asynchronous signals in sendmail, a powerful, efficient, and scalable mail transport agent This allows a remote attacker to exploit a race condition to execute arbitrary code as root For the old stable distribution (woody) this problem has been fixed in version 8123-72 For the stable distribution ...

#!/usr/bin/env python # # redsand@blacksecurityorg # Sendmail 8135 and below Remote Signal Handling exploit # usage: rbl4ck-sendmailpy 127001 0 25 # # # this exploit was leaked to the PHC (Phrack High Council) # so instead of only letting them have a copy, we figure # everyone should have what they have # # :-) # # ...

NVD-CWE-Other http://www.redhat.com/support/errata/RHSA-2006-0264.html http://www.redhat.com/support/errata/RHSA-2006-0265.html http://www.securityfocus.com/archive/1/428536/100/0/threaded http://www.sendmail.com/company/advisory/index.shtml http://www.debian.org/security/2006/dsa-1015 http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html http://www.us-cert.gov/cas/techalerts/TA06-081A.html http://www.kb.cert.org/vuls/id/834865 http://secunia.com/advisories/19342 http://secunia.com/advisories/19363 http://secunia.com/advisories/19367 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc http://www.novell.com/linux/security/advisories/2006_17_sendmail.html http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm http://www.openbsd.org/errata38.html#sendmail http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1 http://www.securityfocus.com/bid/17192 http://www.osvdb.org/24037 http://securitytracker.com/id?1015801 http://secunia.com/advisories/19368 http://secunia.com/advisories/19404 http://secunia.com/advisories/19407 http://secunia.com/advisories/19349 http://secunia.com/advisories/19360 http://secunia.com/advisories/19361 http://www.f-secure.com/security/fsc-2006-2.shtml ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc http://secunia.com/advisories/19394 http://secunia.com/advisories/19450 http://secunia.com/advisories/19466 http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600 ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://secunia.com/advisories/19533 http://secunia.com/advisories/19532 http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html http://www.ciac.org/ciac/bulletins/q-151.shtml http://secunia.com/advisories/19345 http://secunia.com/advisories/19346 http://secunia.com/advisories/19356 http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm http://secunia.com/advisories/19676 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1 http://secunia.com/advisories/19774 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt http://secunia.com/advisories/20243 http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688 http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751 http://secunia.com/advisories/20723 http://www.mandriva.com/security/advisories?name=MDKSA-2006:058 http://securityreason.com/securityalert/612 http://securityreason.com/securityalert/743 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1 http://www.iss.net/threats/216.html http://www.vupen.com/english/advisories/2006/1157 http://www.vupen.com/english/advisories/2006/1529 http://www.vupen.com/english/advisories/2006/1051 http://www.vupen.com/english/advisories/2006/2189 http://www.vupen.com/english/advisories/2006/1139 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635 http://www.vupen.com/english/advisories/2006/1072 http://www.vupen.com/english/advisories/2006/2490 http://www.vupen.com/english/advisories/2006/1068 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555 http://www.vupen.com/english/advisories/2006/1049 https://exchange.xforce.ibmcloud.com/vulnerabilities/24584 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074 http://www.securityfocus.com/archive/1/428656/100/0/threaded https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358440 https://nvd.nist.gov https://www.exploit-db.com/exploits/2051/https://www.kb.cert.org/vuls/id/834865

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook