CVE-2005-0893 - modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may a

CVE-2005-0893

Summary

modes.c in smail 3.2.0.120 implements signal handlers with certain unsafe library calls, which may allow attackers to execute arbitrary code via signal handler race conditions, possibly using xmalloc.

References

http://marc.info/?l=bugtraq&m=111177045217717&w=2

Vulnerable Configurations

cpe:2.3:a:smail:smail:3.2.0.120:*:*:*:*:*:*:*
cpe:2.3:a:smail:smail:3.2.0.120:*:*:*:*:*:*:*

CVSS

Base:	7.6 (as of 18-10-2016 - 03:15)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	HIGH	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:H/Au:N/C:C/I:C/A:C

refmap via4

bugtraq

20050325 smail remote and local root holes

Last major update

18-10-2016 - 03:15

Published

02-05-2005 - 04:00

Last modified

18-10-2016 - 03:15