Sendmail code execution vuln announced (CVE-2006-0058)
A new race condition affecting versions of Sendmail prior to 8.13.6 has been announced. The risk is it could allow an attacker to execute code.
Vulnerability Note VU#834865
Sendmail contains a race condition
A race condition in Sendmail may allow a remote attacker to execute arbitrary code.
Sendmail is a widely used mail transfer agent (MTA).
Mail Transfer Agents (MTA)
MTAs are responsible for sending an receiving email messages over the internet. They are also referred to as mail servers or SMTP servers.
Sendmail contains a race condition caused by the improper handling of asynchronous signals. In particular, by forcing SMTP server to have an I/O timeout at exactly the correct instant, the attacker may be able to execute arbitrary code with the privileges of the Sendmail process.
More information is available in the Sendmail version 8.13.6 release page and the Sendmail MTA Security Vulnerability Advisory.
Versions of Sendmail prior to 8.13.6 are affected.
A remote, unauthenticated attacker could execute arbitrary code with the privileges of the Sendmail process. If Sendmail is running as root, the attacker could take complete control of an affected system.
This issue is corrected in Sendmail version 8.13.6.
Patches to correct this issue in Sendmail versions 8.12.11 and 8.13.5 are also available