Fluid Attacks Database

Description

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	sendmail	>=0 <8.13.6-1	8.13.6-1
debian 11	sendmail	>=0 <8.13.6-1	8.13.6-1
debian 13	sendmail	>=0 <8.13.6-1	8.13.6-1
debian 12	sendmail	>=0 <8.13.6-1	8.13.6-1

Aliases

1. CVE-2006-00582. NVD-2006-00583. OSV-DEBIAN-2006-00584. OSV-2006-00585. SECURITY-TRACKER-CVE-2006-0058

References

1. https://www.exploit-db.com/exploits/2051

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.