Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1349

Overview

Vulnerability Score 3.7 3.7
CVE Id CVE-2001-1349
Last Modified 05 Sep 2008 04:26:19
Published 28 May 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1349

Summary

Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.

Vulnerable Systems

Application

  • Sendmail 8.10

  • Sendmail 8.10.1

  • Sendmail 8.10.2

  • Sendmail 8.11.0

  • Sendmail 8.11.1

  • Sendmail 8.11.2

  • Sendmail 8.11.3

  • Sendmail 8.12


References

BID - 2794

BINDVIEW - 20010528 Unsafe Signal Handling in Sendmail

BUGTRAQ - 20010529 sendmail 8.11.4 and 8.12.0.Beta10 available (fwd)

CONFIRM - http://archives.neohapsis.com/archives/sendmail/2001-q2/0001.html

XF - sendmail-signal-handling(6633)

REDHAT - RHSA-2001:106


Last Updated: 27 May 2016 10:36:38