CVE-2006-0058 - Vulnerability Details

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux
Sendmail	Sendmail

Configuration 1 [-]

OR	cpe:2.3:a:sendmail:sendmail:8.13.0:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.1:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.2:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.3:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.4:::::::*
	cpe:2.3:a:sendmail:sendmail:8.13.5:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 3
sendmail-0:8.12.11-4.RHEL3.4	cpe:/o:redhat:enterprise_linux:3	RHSA-2006:0264	2006-03-22T00:00:00Z
Red Hat Enterprise Linux 4
sendmail-0:8.13.1-3.RHEL4.3	cpe:/o:redhat:enterprise_linux:4	RHSA-2006:0264	2006-03-22T00:00:00Z
Red Hat Enterprise Linux AS (Advanced Server) version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2006:0265	2006-03-22T00:00:00Z
Red Hat Enterprise Linux ES version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2006:0265	2006-03-22T00:00:00Z
Red Hat Enterprise Linux WS version 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2006:0265	2006-03-22T00:00:00Z
Red Hat Linux Advanced Workstation 2.1
	cpe:/o:redhat:enterprise_linux:2.1	RHSA-2006:0265	2006-03-22T00:00:00Z

References

Link	Providers
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt
ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635
http://secunia.com/advisories/19342
http://secunia.com/advisories/19345
http://secunia.com/advisories/19346
http://secunia.com/advisories/19349
http://secunia.com/advisories/19356
http://secunia.com/advisories/19360
http://secunia.com/advisories/19361
http://secunia.com/advisories/19363
http://secunia.com/advisories/19367
http://secunia.com/advisories/19368
http://secunia.com/advisories/19394
http://secunia.com/advisories/19404
http://secunia.com/advisories/19407
http://secunia.com/advisories/19450
http://secunia.com/advisories/19466
http://secunia.com/advisories/19532
http://secunia.com/advisories/19533
http://secunia.com/advisories/19676
http://secunia.com/advisories/19774
http://secunia.com/advisories/20243
http://secunia.com/advisories/20723
http://securityreason.com/securityalert/612
http://securityreason.com/securityalert/743
http://securitytracker.com/id?1015801
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1
http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm
http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only
http://www.ciac.org/ciac/bulletins/q-151.shtml
http://www.debian.org/security/2006/dsa-1015
http://www.f-secure.com/security/fsc-2006-2.shtml
http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml
http://www.iss.net/threats/216.html
http://www.kb.cert.org/vuls/id/834865
http://www.mandriva.com/security/advisories?name=MDKSA-2006:058
http://www.novell.com/linux/security/advisories/2006_17_sendmail.html
http://www.openbsd.org/errata38.html#sendmail
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html
http://www.osvdb.org/24037
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html
http://www.redhat.com/support/errata/RHSA-2006-0264.html
http://www.redhat.com/support/errata/RHSA-2006-0265.html
http://www.securityfocus.com/archive/1/428536/100/0/threaded
http://www.securityfocus.com/archive/1/428656/100/0/threaded
http://www.securityfocus.com/bid/17192
http://www.sendmail.com/company/advisory/index.shtml
http://www.us-cert.gov/cas/techalerts/TA06-081A.html
http://www.vupen.com/english/advisories/2006/1049
http://www.vupen.com/english/advisories/2006/1051
http://www.vupen.com/english/advisories/2006/1068
http://www.vupen.com/english/advisories/2006/1072
http://www.vupen.com/english/advisories/2006/1139
http://www.vupen.com/english/advisories/2006/1157
http://www.vupen.com/english/advisories/2006/1529
http://www.vupen.com/english/advisories/2006/2189
http://www.vupen.com/english/advisories/2006/2490
http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751
https://exchange.xforce.ibmcloud.com/vulnerabilities/24584
https://nvd.nist.gov/vuln/detail/CVE-2006-0058
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689
https://www.cve.org/CVERecord?id=CVE-2006-0058

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2006-03-22T20:00:00

Updated: 2024-08-07T16:18:20.809Z

Reserved: 2006-01-01T00:00:00

Link: CVE-2006-0058

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-03-22T20:06:00.000

Modified: 2024-11-21T00:05:33.340

Link: CVE-2006-0058

Redhat

Severity : Critical

Publid Date: 2006-03-22T16:00:00Z

Links: CVE-2006-0058 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-03-22T00:00:00", "descriptions": [{"lang": "en", "value": "Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "ADV-2006-1529", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1529"}, {"name": "HPSBTU02116", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "19450", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19450"}, {"name": "DSA-1015", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2006/dsa-1015"}, {"name": "MDKSA-2006:058", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:058"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"}, {"name": "[3.8] 006: SECURITY FIX: March 25, 2006", "tags": ["vendor-advisory", "x_refsource_OPENBSD"], "url": "http://www.openbsd.org/errata38.html#sendmail"}, {"name": "VU#834865", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/834865"}, {"name": "SCOSA-2006.24", "tags": ["vendor-advisory", "x_refsource_SCO"], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt"}, {"name": "19342", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19342"}, {"name": "ADV-2006-1049", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1049"}, {"name": "19774", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19774"}, {"name": "FreeBSD-SA-06:13", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc"}, {"name": "oval:org.mitre.oval:def:11074", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074"}, {"name": "20060401-01-U", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"}, {"name": "200494", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1"}, {"name": "19404", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19404"}, {"name": "19367", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19367"}, {"name": "OpenPKG-SA-2006.007", "tags": ["vendor-advisory", "x_refsource_OPENPKG"], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html"}, {"name": "ADV-2006-1051", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1051"}, {"name": "20060322 sendmail vuln advisories (CVE-2006-0058)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/428536/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.f-secure.com/security/fsc-2006-2.shtml"}, {"name": "743", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/743"}, {"name": "1015801", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015801"}, {"name": "HPSBUX02108", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"name": "19363", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19363"}, {"name": "smtp-timeout-bo(24584)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24584"}, {"name": "TA06-081A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-081A.html"}, {"name": "20723", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20723"}, {"name": "20243", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20243"}, {"name": "19407", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19407"}, {"name": "ADV-2006-2189", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"name": "FEDORA-2006-194", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html"}, {"name": "20060302-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P"}, {"name": "20060322 Sendmail Remote Signal Handling Vulnerability", "tags": ["third-party-advisory", "x_refsource_ISS"], "url": "http://www.iss.net/threats/216.html"}, {"name": "19466", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19466"}, {"name": "19368", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19368"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"}, {"name": "Q-151", "tags": ["third-party-advisory", "government-resource", "x_refsource_CIAC"], "url": "http://www.ciac.org/ciac/bulletins/q-151.shtml"}, {"name": "SSRT061133", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm"}, {"name": "19345", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19345"}, {"name": "612", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/612"}, {"name": "FEDORA-2006-193", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html"}, {"name": "19346", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19346"}, {"name": "SSA:2006-081-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600"}, {"name": "IY82992", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751"}, {"name": "GLSA-200603-21", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml"}, {"name": "IY82994", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only"}, {"name": "IY82993", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only"}, {"name": "ADV-2006-1068", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1068"}, {"name": "RHSA-2006:0265", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0265.html"}, {"name": "ADV-2006-2490", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2490"}, {"name": "ADV-2006-1072", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1072"}, {"name": "FLSA:186277", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.securityfocus.com/archive/1/428656/100/0/threaded"}, {"name": "19360", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19360"}, {"name": "19532", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19532"}, {"name": "102324", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1"}, {"name": "19361", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19361"}, {"name": "19676", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19676"}, {"name": "19356", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19356"}, {"name": "SUSE-SA:2006:017", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2006_17_sendmail.html"}, {"name": "24037", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/24037"}, {"name": "19349", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19349"}, {"name": "102262", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1"}, {"name": "19394", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19394"}, {"name": "SSRT061135", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "ADV-2006-1139", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1139"}, {"name": "ADV-2006-1157", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1157"}, {"name": "19533", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19533"}, {"name": "oval:org.mitre.oval:def:1689", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689"}, {"name": "NetBSD-SA2006-010", "tags": ["vendor-advisory", "x_refsource_NETBSD"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc"}, {"name": "17192", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17192"}, {"name": "RHSA-2006:0264", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0264.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.sendmail.com/company/advisory/index.shtml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2006-0058", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2006-1529", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1529"}, {"name": "HPSBTU02116", "refsource": "HP", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "19450", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19450"}, {"name": "DSA-1015", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2006/dsa-1015"}, {"name": "MDKSA-2006:058", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:058"}, {"name": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688", "refsource": "CONFIRM", "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"}, {"name": "[3.8] 006: SECURITY FIX: March 25, 2006", "refsource": "OPENBSD", "url": "http://www.openbsd.org/errata38.html#sendmail"}, {"name": "VU#834865", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/834865"}, {"name": "SCOSA-2006.24", "refsource": "SCO", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt"}, {"name": "19342", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19342"}, {"name": "ADV-2006-1049", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1049"}, {"name": "19774", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19774"}, {"name": "FreeBSD-SA-06:13", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc"}, {"name": "oval:org.mitre.oval:def:11074", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074"}, {"name": "20060401-01-U", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"}, {"name": "200494", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1"}, {"name": "19404", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19404"}, {"name": "19367", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19367"}, {"name": "OpenPKG-SA-2006.007", "refsource": "OPENPKG", "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html"}, {"name": "ADV-2006-1051", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1051"}, {"name": "20060322 sendmail vuln advisories (CVE-2006-0058)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/428536/100/0/threaded"}, {"name": "http://www.f-secure.com/security/fsc-2006-2.shtml", "refsource": "CONFIRM", "url": "http://www.f-secure.com/security/fsc-2006-2.shtml"}, {"name": "743", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/743"}, {"name": "1015801", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015801"}, {"name": "HPSBUX02108", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"name": "19363", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19363"}, {"name": "smtp-timeout-bo(24584)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24584"}, {"name": "TA06-081A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA06-081A.html"}, {"name": "20723", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20723"}, {"name": "20243", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20243"}, {"name": "19407", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19407"}, {"name": "ADV-2006-2189", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"name": "FEDORA-2006-194", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html"}, {"name": "20060302-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P"}, {"name": "20060322 Sendmail Remote Signal Handling Vulnerability", "refsource": "ISS", "url": "http://www.iss.net/threats/216.html"}, {"name": "19466", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19466"}, {"name": "19368", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19368"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"}, {"name": "Q-151", "refsource": "CIAC", "url": "http://www.ciac.org/ciac/bulletins/q-151.shtml"}, {"name": "SSRT061133", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm"}, {"name": "19345", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19345"}, {"name": "612", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/612"}, {"name": "FEDORA-2006-193", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html"}, {"name": "19346", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19346"}, {"name": "SSA:2006-081-01", "refsource": "SLACKWARE", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600"}, {"name": "IY82992", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only"}, {"name": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751", "refsource": "CONFIRM", "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751"}, {"name": "GLSA-200603-21", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml"}, {"name": "IY82994", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only"}, {"name": "IY82993", "refsource": "AIXAPAR", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only"}, {"name": "ADV-2006-1068", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1068"}, {"name": "RHSA-2006:0265", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0265.html"}, {"name": "ADV-2006-2490", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2490"}, {"name": "ADV-2006-1072", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1072"}, {"name": "FLSA:186277", "refsource": "FEDORA", "url": "http://www.securityfocus.com/archive/1/428656/100/0/threaded"}, {"name": "19360", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19360"}, {"name": "19532", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19532"}, {"name": "102324", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1"}, {"name": "19361", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19361"}, {"name": "19676", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19676"}, {"name": "19356", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19356"}, {"name": "SUSE-SA:2006:017", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2006_17_sendmail.html"}, {"name": "24037", "refsource": "OSVDB", "url": "http://www.osvdb.org/24037"}, {"name": "19349", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19349"}, {"name": "102262", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1"}, {"name": "19394", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19394"}, {"name": "SSRT061135", "refsource": "HP", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "ADV-2006-1139", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1139"}, {"name": "ADV-2006-1157", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1157"}, {"name": "19533", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19533"}, {"name": "oval:org.mitre.oval:def:1689", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689"}, {"name": "NetBSD-SA2006-010", "refsource": "NETBSD", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc"}, {"name": "17192", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17192"}, {"name": "RHSA-2006:0264", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2006-0264.html"}, {"name": "http://www.sendmail.com/company/advisory/index.shtml", "refsource": "CONFIRM", "url": "http://www.sendmail.com/company/advisory/index.shtml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:18:20.809Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2006-1529", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1529"}, {"name": "HPSBTU02116", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "19450", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19450"}, {"name": "DSA-1015", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2006/dsa-1015"}, {"name": "MDKSA-2006:058", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:058"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"}, {"name": "[3.8] 006: SECURITY FIX: March 25, 2006", "tags": ["vendor-advisory", "x_refsource_OPENBSD", "x_transferred"], "url": "http://www.openbsd.org/errata38.html#sendmail"}, {"name": "VU#834865", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/834865"}, {"name": "SCOSA-2006.24", "tags": ["vendor-advisory", "x_refsource_SCO", "x_transferred"], "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt"}, {"name": "19342", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19342"}, {"name": "ADV-2006-1049", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1049"}, {"name": "19774", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19774"}, {"name": "FreeBSD-SA-06:13", "tags": ["vendor-advisory", "x_refsource_FREEBSD", "x_transferred"], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc"}, {"name": "oval:org.mitre.oval:def:11074", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074"}, {"name": "20060401-01-U", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"}, {"name": "200494", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1"}, {"name": "19404", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19404"}, {"name": "19367", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19367"}, {"name": "OpenPKG-SA-2006.007", "tags": ["vendor-advisory", "x_refsource_OPENPKG", "x_transferred"], "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html"}, {"name": "ADV-2006-1051", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1051"}, {"name": "20060322 sendmail vuln advisories (CVE-2006-0058)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/428536/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.f-secure.com/security/fsc-2006-2.shtml"}, {"name": "743", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/743"}, {"name": "1015801", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015801"}, {"name": "HPSBUX02108", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"name": "19363", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19363"}, {"name": "smtp-timeout-bo(24584)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24584"}, {"name": "TA06-081A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-081A.html"}, {"name": "20723", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20723"}, {"name": "20243", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20243"}, {"name": "19407", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19407"}, {"name": "ADV-2006-2189", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"name": "FEDORA-2006-194", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html"}, {"name": "20060302-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P"}, {"name": "20060322 Sendmail Remote Signal Handling Vulnerability", "tags": ["third-party-advisory", "x_refsource_ISS", "x_transferred"], "url": "http://www.iss.net/threats/216.html"}, {"name": "19466", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19466"}, {"name": "19368", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19368"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"}, {"name": "Q-151", "tags": ["third-party-advisory", "government-resource", "x_refsource_CIAC", "x_transferred"], "url": "http://www.ciac.org/ciac/bulletins/q-151.shtml"}, {"name": "SSRT061133", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm"}, {"name": "19345", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19345"}, {"name": "612", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/612"}, {"name": "FEDORA-2006-193", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html"}, {"name": "19346", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19346"}, {"name": "SSA:2006-081-01", "tags": ["vendor-advisory", "x_refsource_SLACKWARE", "x_transferred"], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600"}, {"name": "IY82992", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751"}, {"name": "GLSA-200603-21", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml"}, {"name": "IY82994", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only"}, {"name": "IY82993", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only"}, {"name": "ADV-2006-1068", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1068"}, {"name": "RHSA-2006:0265", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0265.html"}, {"name": "ADV-2006-2490", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2490"}, {"name": "ADV-2006-1072", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1072"}, {"name": "FLSA:186277", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/428656/100/0/threaded"}, {"name": "19360", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19360"}, {"name": "19532", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19532"}, {"name": "102324", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1"}, {"name": "19361", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19361"}, {"name": "19676", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19676"}, {"name": "19356", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19356"}, {"name": "SUSE-SA:2006:017", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2006_17_sendmail.html"}, {"name": "24037", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/24037"}, {"name": "19349", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19349"}, {"name": "102262", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1"}, {"name": "19394", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19394"}, {"name": "SSRT061135", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"name": "ADV-2006-1139", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1139"}, {"name": "ADV-2006-1157", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1157"}, {"name": "19533", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19533"}, {"name": "oval:org.mitre.oval:def:1689", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689"}, {"name": "NetBSD-SA2006-010", "tags": ["vendor-advisory", "x_refsource_NETBSD", "x_transferred"], "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc"}, {"name": "17192", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17192"}, {"name": "RHSA-2006:0264", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0264.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.sendmail.com/company/advisory/index.shtml"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2006-0058", "datePublished": "2006-03-22T20:00:00", "dateReserved": "2006-01-01T00:00:00", "dateUpdated": "2024-08-07T16:18:20.809Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "B4E0D099-C149-4923-A06C-200A23CEA943", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "01B75BCD-9187-4DB0-903D-5F73429AEE78", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "F7DB5E2A-0E79-45DF-BD85-FD216A970771", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "D20FAC60-445E-4847-B5DE-8ACDDA55E1CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "9962F81C-A08C-4F8E-A07C-4F4B5C441EA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:sendmail:sendmail:8.13.5:*:*:*:*:*:*:*", "matchCriteriaId": "A38C234D-EF75-4A96-A0FD-E1DDDADAC1BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations."}], "id": "CVE-2006-0058", "lastModified": "2024-11-21T00:05:33.340", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-03-22T20:06:00.000", "references": [{"source": "cret@cert.org", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc"}, {"source": "cret@cert.org", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc"}, {"source": "cret@cert.org", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt"}, {"source": "cret@cert.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P"}, {"source": "cret@cert.org", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"}, {"source": "cret@cert.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"source": "cret@cert.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"source": "cret@cert.org", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "cret@cert.org", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19342"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19345"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19346"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19349"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19356"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19360"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19361"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19363"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19367"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19368"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19394"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19404"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19407"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19450"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19466"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19532"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19533"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19676"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/19774"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/20243"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/20723"}, {"source": "cret@cert.org", "url": "http://securityreason.com/securityalert/612"}, {"source": "cret@cert.org", "url": "http://securityreason.com/securityalert/743"}, {"source": "cret@cert.org", "url": "http://securitytracker.com/id?1015801"}, {"source": "cret@cert.org", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600"}, {"source": "cret@cert.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1"}, {"source": "cret@cert.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1"}, {"source": "cret@cert.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1"}, {"source": "cret@cert.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm"}, {"source": "cret@cert.org", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"}, {"source": "cret@cert.org", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only"}, {"source": "cret@cert.org", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only"}, {"source": "cret@cert.org", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only"}, {"source": "cret@cert.org", "url": "http://www.ciac.org/ciac/bulletins/q-151.shtml"}, {"source": "cret@cert.org", "url": "http://www.debian.org/security/2006/dsa-1015"}, {"source": "cret@cert.org", "url": "http://www.f-secure.com/security/fsc-2006-2.shtml"}, {"source": "cret@cert.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml"}, {"source": "cret@cert.org", "url": "http://www.iss.net/threats/216.html"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/834865"}, {"source": "cret@cert.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:058"}, {"source": "cret@cert.org", "url": "http://www.novell.com/linux/security/advisories/2006_17_sendmail.html"}, {"source": "cret@cert.org", "url": "http://www.openbsd.org/errata38.html#sendmail"}, {"source": "cret@cert.org", "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html"}, {"source": "cret@cert.org", "url": "http://www.osvdb.org/24037"}, {"source": "cret@cert.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html"}, {"source": "cret@cert.org", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0264.html"}, {"source": "cret@cert.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0265.html"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/428536/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/archive/1/428656/100/0/threaded"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/17192"}, {"source": "cret@cert.org", "url": "http://www.sendmail.com/company/advisory/index.shtml"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-081A.html"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1049"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1051"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1068"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1072"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1139"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1157"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/1529"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2006/2490"}, {"source": "cret@cert.org", "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"}, {"source": "cret@cert.org", "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24584"}, {"source": "cret@cert.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074"}, {"source": "cret@cert.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19342"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19360"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19361"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19363"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19367"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19368"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19394"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19404"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19407"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19450"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19466"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19532"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19533"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19676"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19774"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20243"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20723"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/612"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/743"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1015801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ciac.org/ciac/bulletins/q-151.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2006/dsa-1015"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.f-secure.com/security/fsc-2006-2.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.iss.net/threats/216.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/834865"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:058"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2006_17_sendmail.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openbsd.org/errata38.html#sendmail"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/24037"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0264.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2006-0265.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/428536/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/428656/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17192"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.sendmail.com/company/advisory/index.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA06-081A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1051"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1068"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1072"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1139"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1157"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1529"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2189"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2490"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24584"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2006:0264", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "sendmail-0:8.12.11-4.RHEL3.4", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2006-03-22T00:00:00Z"}, {"advisory": "RHSA-2006:0264", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "sendmail-0:8.13.1-3.RHEL4.3", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2006-03-22T00:00:00Z"}, {"advisory": "RHSA-2006:0265", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux AS (Advanced Server) version 2.1", "release_date": "2006-03-22T00:00:00Z"}, {"advisory": "RHSA-2006:0265", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux ES version 2.1", "release_date": "2006-03-22T00:00:00Z"}, {"advisory": "RHSA-2006:0265", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Enterprise Linux WS version 2.1", "release_date": "2006-03-22T00:00:00Z"}, {"advisory": "RHSA-2006:0265", "cpe": "cpe:/o:redhat:enterprise_linux:2.1", "product_name": "Red Hat Linux Advanced Workstation 2.1", "release_date": "2006-03-22T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1617872", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617872"}, "csaw": false, "details": ["Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations."], "name": "CVE-2006-0058", "public_date": "2006-03-22T16:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2006-0058\nhttps://nvd.nist.gov/vuln/detail/CVE-2006-0058"], "threat_severity": "Critical"}

Metrics

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object