U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. Vulnerabilities

CVE-2006-0058 Detail

Description

Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL Source(s) Tag(s)
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:13.sendmail.asc CERT/CC, CVE
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-010.txt.asc CERT/CC, CVE
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.24/SCOSA-2006.24.txt CERT/CC, CVE
ftp://patches.sgi.com/support/free/security/advisories/20060302-01-P CERT/CC, CVE
ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U CERT/CC, CVE
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00629555 CERT/CC, CVE
http://itrc.hp.com/service/cki/docDisplay.do?docId=c00692635 CERT/CC, CVE
http://secunia.com/advisories/19342 CERT/CC, CVE
http://secunia.com/advisories/19345 CERT/CC, CVE
http://secunia.com/advisories/19346 CERT/CC, CVE
http://secunia.com/advisories/19349 CERT/CC, CVE
http://secunia.com/advisories/19356 CERT/CC, CVE
http://secunia.com/advisories/19360 CERT/CC, CVE
http://secunia.com/advisories/19361 CERT/CC, CVE
http://secunia.com/advisories/19363 CERT/CC, CVE
http://secunia.com/advisories/19367 CERT/CC, CVE
http://secunia.com/advisories/19368 CERT/CC, CVE
http://secunia.com/advisories/19394 CERT/CC, CVE
http://secunia.com/advisories/19404 CERT/CC, CVE
http://secunia.com/advisories/19407 CERT/CC, CVE
http://secunia.com/advisories/19450 CERT/CC, CVE
http://secunia.com/advisories/19466 CERT/CC, CVE
http://secunia.com/advisories/19532 CERT/CC, CVE
http://secunia.com/advisories/19533 CERT/CC, CVE
http://secunia.com/advisories/19676 CERT/CC, CVE
http://secunia.com/advisories/19774 CERT/CC, CVE
http://secunia.com/advisories/20243 CERT/CC, CVE
http://secunia.com/advisories/20723 CERT/CC, CVE
http://securityreason.com/securityalert/612 CERT/CC, CVE
http://securityreason.com/securityalert/743 CERT/CC, CVE
http://securitytracker.com/id?1015801 CERT/CC, CVE
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.619600 CERT/CC, CVE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102262-1 CERT/CC, CVE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102324-1 CERT/CC, CVE
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200494-1 CERT/CC, CVE
http://support.avaya.com/elmodocs2/security/ASA-2006-074.htm CERT/CC, CVE
http://support.avaya.com/elmodocs2/security/ASA-2006-078.htm CERT/CC, CVE
http://www-1.ibm.com/support/search.wss?rs=0&q=IY82992&apar=only CERT/CC, CVE
http://www-1.ibm.com/support/search.wss?rs=0&q=IY82993&apar=only CERT/CC, CVE
http://www-1.ibm.com/support/search.wss?rs=0&q=IY82994&apar=only CERT/CC, CVE
http://www.ciac.org/ciac/bulletins/q-151.shtml CERT/CC, CVE
http://www.debian.org/security/2006/dsa-1015 CERT/CC, CVE
http://www.f-secure.com/security/fsc-2006-2.shtml CERT/CC, CVE
http://www.gentoo.org/security/en/glsa/glsa-200603-21.xml CERT/CC, CVE
http://www.iss.net/threats/216.html CERT/CC, CVE
http://www.kb.cert.org/vuls/id/834865 CERT/CC, CVE US Government Resource 
http://www.mandriva.com/security/advisories?name=MDKSA-2006:058 CERT/CC, CVE
http://www.novell.com/linux/security/advisories/2006_17_sendmail.html CERT/CC, CVE
http://www.openbsd.org/errata38.html#sendmail CERT/CC, CVE
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.007-sendmail.html CERT/CC, CVE
http://www.osvdb.org/24037 CERT/CC, CVE
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00017.html CERT/CC, CVE
http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00018.html CERT/CC, CVE
http://www.redhat.com/support/errata/RHSA-2006-0264.html CERT/CC, CVE Patch  Vendor Advisory 
http://www.redhat.com/support/errata/RHSA-2006-0265.html CERT/CC, CVE Patch  Vendor Advisory 
http://www.securityfocus.com/archive/1/428536/100/0/threaded CERT/CC, CVE
http://www.securityfocus.com/archive/1/428656/100/0/threaded CERT/CC, CVE
http://www.securityfocus.com/bid/17192 CERT/CC, CVE
http://www.sendmail.com/company/advisory/index.shtml CERT/CC, CVE
http://www.us-cert.gov/cas/techalerts/TA06-081A.html CERT/CC, CVE US Government Resource 
http://www.vupen.com/english/advisories/2006/1049 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/1051 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/1068 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/1072 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/1139 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/1157 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/1529 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/2189 CERT/CC, CVE
http://www.vupen.com/english/advisories/2006/2490 CERT/CC, CVE
http://www14.software.ibm.com/webapp/set2/sas/f/hmc/power5/install/v52.Readme.html#MH00688 CERT/CC, CVE
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=2751 CERT/CC, CVE
https://exchange.xforce.ibmcloud.com/vulnerabilities/24584 CERT/CC, CVE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11074 CERT/CC, CVE
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1689 CERT/CC, CVE

Weakness Enumeration

CWE-ID CWE Name Source
NVD-CWE-Other Other cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

6 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2006-0058
NVD Published Date:
03/22/2006
NVD Last Modified:
04/02/2025
Source:
CERT/CC