Sendmail Asynchronous Signal Handling Remote Code Execution Vulnerability

Sendmail Asynchronous Signal Handling Remote Code Execution Vulnerability

References:

[ BULLETIN ] Potential Vulnerability in Sendmail 8.12 - VU#834865 (Nortel Networks)
001: SECURITY FIX: March 25, 2006 (OpenBSD)
ASA-2006-074 - sendmail security update (RHSA-2006-0264 & RHSA-2006-0265) (Avaya)
ASA-2006-078 - Sun Alert Notifications from Sun Weekly Report dated Mar 25, 2006 (Avaya)
Corrective Service Security FIX - MH00688 (PTF) (IBM)
Cumulative history and Readme for use with HMC V5 R2 and V5 R2.1 (IBM)
exploiting_sendmail (rapturesecurity.org)
F-Secure Security Bulletin FSC-2006-2 (F-Secure)
HPSBTU02116 SSRT061135 rev.1 - HP Tru64 UNIX and HP Internet Express for Tru64 U (HP)
RHSA-2006:0264-8 - sendmail security update (RedHat)
RHSA-2006:0265-9 - sendmail security update (RedHat)
Sendmail 8.13.6 (Sendmail Consortium)
Sendmail Homepage (Sendmail Consortium)
Sendmail MTA Security Vulnerability (Sendmail)
Sendmail Remote Signal Handling Vulnerability (Internet Security Systems)
Sun Alert ID: 102262 (Sun)
Sun Alert ID: 102324 (Sun)
Technical Cyber Security Alert TA06-081A - Sendmail Race Condition Vulnerability (US-CERT)
Vulnerability Note VU#834865 - Sendmail contains a race condition (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus