Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0905

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2001-0905
Last Modified 05 Sep 2008 04:25:12
Published 18 Oct 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-0905

Summary

Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.

Vulnerable Systems

Application

  • Procmail 3.20


References

BID - 3071

REDHAT - RHSA-2001:093

MANDRAKE - MDKSA-2001:085

DEBIAN - DSA-083

FREEBSD - FreeBSD-SA-01:60

XF - procmail-signal-handling-race(6872)

CONECTIVA - CLA-2001:433


Last Updated: 27 May 2016 10:36:26