(Cobalt RaQ is Affected) Sendmail Race Condition in Signal Handler May Let Remote Users Trigger a Buffer Overflow to Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1015998 |
|
SecurityTracker URL: http://securitytracker.com/id/1015998
|
|
CVE Reference:
CVE-2006-0058
(Links to External Site)
|
Date: Apr 26 2006
|
Impact:
Execution of arbitrary code via network, Root access via network
|
Vendor Confirmed: Yes
|
Version(s): Cobalt RaQ XTR, Cobalt RaQ 4, and Cobalt RaQ 550 Server
|
Description:
A vulnerability was reported in Sendmail. A remote user may be able to execute arbitrary code on the target system.
Under certain specific timing conditions, a remote user can send specially crafted e-mail data to the target system to exploit a race condition in a signal handler and trigger a buffer overflow. This may allow the remote user to execute arbitrary code on the target system with the privileges of the sendmail process.
ISS discovered this vulnerability.
The original advisory is available at:
http://xforce.iss.net/xforce/xfdb/24584
|
Impact:
A remote user can execute arbitrary code on the target system with the privileges of the sendmail process (typically root privileges).
|
Solution:
The Sun Cobalt RaQ XTR Server, Sun Cobalt RaQ 4 Server, and Sun Cobalt RaQ 550 Server products are affected by this sendmail vulnerability.
No fix was available from Sun at the time of this entry. However, a workaround is described in the Sun advisory, available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1
|
Cause:
Boundary error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Wed, 26 Apr 2006 01:14:57 -0400
Subject: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1
|
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1
Sun Cobalt RaQ XTR Server, Sun Cobalt RaQ 4 Server, Sun Cobalt RaQ 550 Server
CVE-2006-0058
|
|
