Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > March 2006 > Vulnerability in Sendmail

March 2006

Vulnerability in Sendmail

ID: 00225
Ref: 225
Date: 23 March 2006:14:02:07
Version: 1
Title: Vulnerability in Sendmail
Abstract: A vulnerability has been found in Sendmail which could lead to the execution of arbitrary code with Sendmail privileges.
A security vulnerability in certain versions of Sendmail prior to 8.13.6 may allow a remote unauthenticated attacker to execute arbitrary code with the privileges of the Sendmail process.

It is recommended that users upgrade to version 8.13.6 or apply relevant patch.

References:

Sendmail.com:
http://www.sendmail.com/company/advisory/

ISS X-Force:
http://xforce.iss.net/xforce/alerts/id/216

CVE-2006-0058
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |