Vulnerability Note VU#834865
Sendmail signal I/O race condition
A race condition in Sendmail may allow a remote attacker to execute arbitrary code.
Sendmail is a widely used mail transfer agent (MTA).
Mail Transfer Agents (MTA)
MTAs are responsible for sending and receiving email messages over the Internet. They are also referred to as mail servers or SMTP servers.
Sendmail contains a race condition caused by the improper handling of asynchronous signals. In particular, by forcing the SMTP server to have an I/O timeout at exactly the correct instant, an attacker may be able to execute arbitrary code with the privileges of the Sendmail process.
More information is available in the Sendmail version 8.13.6 release page and the Sendmail MTA Security Vulnerability Advisory.
This vulnerability occurred as a result of failing to comply with recommendations SIG32-C and SIG30-C of the CERT C Programming Language Secure Coding Standard.
Versions of Sendmail prior to 8.13.6 are affected.
A remote, unauthenticated attacker could execute arbitrary code with the privileges of the Sendmail process. If Sendmail is running as root, the attacker could take complete control of an affected system.
This issue is corrected in Sendmail version 8.13.6.
Patches to correct this issue in Sendmail versions 8.12.11 and 8.13.5 are also available.
Refer to the Sendmail MTA Security Vulnerability Advisory for steps to reduce the impact of this vulnerability.
If you are a vendor and your product is affected, let us know.
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Fedora Project | Affected | 08 Mar 2006 | 21 Mar 2006 |
| FreeBSD, Inc. | Affected | 08 Mar 2006 | 30 Mar 2006 |
| Gentoo Linux | Affected | 08 Mar 2006 | 22 Mar 2006 |
| Hewlett-Packard Company | Affected | 08 Mar 2006 | 27 Mar 2006 |
| IBM Corporation | Affected | 15 Mar 2006 | 22 Mar 2006 |
| NetBSD | Affected | 08 Mar 2006 | 03 Apr 2006 |
| OpenBSD | Affected | 21 Mar 2006 | 27 Mar 2006 |
| Red Hat, Inc. | Affected | 08 Mar 2006 | 21 Mar 2006 |
| Sendmail.org | Affected | 27 Feb 2006 | 21 Mar 2006 |
| Slackware Linux Inc. | Affected | 08 Mar 2006 | 24 Mar 2006 |
| Sun Microsystems, Inc. | Affected | 08 Mar 2006 | 27 Mar 2006 |
| SUSE Linux | Affected | 08 Mar 2006 | 21 Mar 2006 |
| Turbolinux | Affected | 08 Mar 2006 | 29 Mar 2006 |
| Ubuntu | Affected | 08 Mar 2006 | 22 Mar 2006 |
| Apple Computer, Inc. | Not Affected | 08 Mar 2006 | 22 Mar 2006 |
Thanks to Sendmail Inc. for reporting this vulnerability. Sendmail credits Internet Security Systems with providing information about this issue.
This document was written by Jeff Gennari.
22 Mar 2006
Date First Published: 22 Mar 2006
Date Last Updated: 22 Jul 2011
If you have feedback, comments, or additional information about this vulnerability, please send us email.