CVE-2006-0058
sendmail - programming error
EPSS 59.0%
Description
Signal handler race condition in Sendmail 8.13.x before 8.13.6 allows remote attackers to execute arbitrary code by triggering timeouts in a way that causes the setjmp and longjmp function calls to be interrupted and modify unexpected memory locations.
How to fix CVE-2006-0058
To remediate CVE-2006-0058, upgrade the affected package to one of the fixed versions listed below.
- Debian/sendmail—upgrade to 8.13.6-1 or later
- Debian/sendmail—upgrade to 8.12.3-7.2 or later
Is CVE-2006-0058 being exploited?
Likely — EPSS is 59.0%, placing CVE-2006-0058 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (2)
- from 0, < 8.13.6-1
- from 0, < 8.12.3-7.2