Executive Summary

Summary
Title HP-UX Running Sendmail, Remote Execution of Arbitrary Code
Informations
Name HPSBUX02108 SSRT061133 First vendor Publication 2006-03-30
Vendor HP Last vendor Modification 2006-08-08
Severity (Vendor) N/A Revision 14

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.6 Attack Range Network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability has been identified in Sendmail which may allow a remote attacker to execute arbitrary code.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00629555

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11074
 
Oval ID: oval:org.mitre.oval:def:11074
Title: Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Description: Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Family: unix Class: vulnerability
Reference(s): CVE-2006-0058
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:1689
 
Oval ID: oval:org.mitre.oval:def:1689
Title: Sendmail setjmp longjmp bo (Red Hat Internal)
Description: Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
Family: unix Class: vulnerability
Reference(s): CVE-2006-0058
Version: 5
Platform(s): Red Hat Linux 9
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s): Sendmail
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6

OpenVAS Exploits

Date Description
2009-10-10 Name : SLES9: Security update for sendmail
File : nvt/sles9p5014827.nasl
2009-05-05 Name : HP-UX Update for sendmail HPSBUX02108
File : nvt/gb_hp_ux_HPSBUX02108.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200603-21 (sendmail)
File : nvt/glsa_200603_21.nasl
2008-09-04 Name : FreeBSD Ports: sendmail
File : nvt/freebsd_sendmail.nasl
2008-09-04 Name : FreeBSD Security Advisory (FreeBSD-SA-06:13.sendmail.asc)
File : nvt/freebsdsa_sendmail1.nasl
2008-01-17 Name : Debian Security Advisory DSA 1015-1 (sendmail)
File : nvt/deb_1015_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-081-01 sendmail
File : nvt/esoft_slk_ssa_2006_081_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
24037 Sendmail Signal Handler Race Condition Remote Overflow

Sendmail contains a flaw that may allow a remote attacker to gain elevated privileges. The issue is due to the sm_syslog() function which allows an attacker to pass crafted data to the setjmp(3) and longjmp(3) function causing memory corruption. This can be used to remotely execute arbitrary code without authentication.

Snort® IPS/IDS

Date Description
2014-01-10 headers too long server response
RuleID : 5739 - Revision : 8 - Type : SERVER-MAIL
2014-01-10 Sendmail smtp timeout buffer overflow attempt
RuleID : 16057 - Revision : 7 - Type : SERVER-MAIL

Nessus® Vulnerability Scanner

Date Description
2013-03-13 Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U805069.nasl - Type : ACT_GATHER_INFO
2013-03-13 Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U806006.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_35485.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_35484.nasl - Type : ACT_GATHER_INFO
2007-09-25 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_35483.nasl - Type : ACT_GATHER_INFO
2006-10-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1015.nasl - Type : ACT_GATHER_INFO
2006-08-08 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_34927.nasl - Type : ACT_GATHER_INFO
2006-07-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2006-0264.nasl - Type : ACT_GATHER_INFO
2006-06-06 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_32006.nasl - Type : ACT_GATHER_INFO
2006-05-13 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_08ac7b8bbb3011dab2fb000e0c2e438a.nasl - Type : ACT_GATHER_INFO
2006-04-08 Name : The remote Fedora Core host is missing a security update.
File : fedora_2006-194.nasl - Type : ACT_GATHER_INFO
2006-04-08 Name : The remote Fedora Core host is missing a security update.
File : fedora_2006-193.nasl - Type : ACT_GATHER_INFO
2006-03-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200603-21.nasl - Type : ACT_GATHER_INFO
2006-03-23 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2006-081-01.nasl - Type : ACT_GATHER_INFO
2006-03-23 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2006-058.nasl - Type : ACT_GATHER_INFO
2006-03-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0264.nasl - Type : ACT_GATHER_INFO
2006-03-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2006-0265.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 110615-18
File : solaris8_110615.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 110616-18
File : solaris8_x86_110616.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 113575-11
File : solaris9_113575.nasl - Type : ACT_GATHER_INFO
2004-07-12 Name : The remote host is missing Sun Security Patch number 114137-10
File : solaris9_x86_114137.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:38:21
  • Multiple Updates