Users login

Create an account »


Users login

Home » Hacking News » Procmail Unsafe Signal Handling Race Condition Vulnerability

Procmail Unsafe Signal Handling Race Condition Vulnerability

by Phiber on September 26th, 2001 The problems lie in several signal handlers used by the program. By generating a signal while a signal handling operation is already in progress, an attacker could interrupt a non-reentrant libc function and enter it again from the handler.

Precise timing in such an attack could possibly result in, for example, heap corruption or interruption during privilege lowering.

- This set of vulnerabilities exist because of reentrant library function calls from signal handlers (malloc, free, syslog, operations on global buffers, etc).

- Conditions where these types of attacks may be possible are known to exist in procmail, which is installed setuid root and locally executable.

Procmail Procmail 3.10:

RedHat RPM 5.2 alpha procmail-3.21-0.52.alpha.rpm

RedHat RPM 5.2 i386 procmail-3.21-0.52.i386.rpm

RedHat RPM 5.2 sparc procmail-3.21-0.52.sparc.rpm

Procmail Procmail 3.11:
Procmail Procmail 3.13:
Procmail Procmail 3.14:

RedHat RPM 6.2 alpha procmail-3.21-0.62.alpha.rpm

RedHat RPM 6.2 sparc procmail-3.21-0.62.sparc.rpm

RedHat RPM 6.2 i386 procmail-3.21-0.62.i386.rpm

RedHat RPM 7.0 i386 procmail-3.21-0.71.i386.rpm

RedHat RPM 7.0 alpha procmail-3.21-0.71.alpha.rpm

RedHat RPM 7.1 ia64 procmail-3.21-0.71.ia64.rpm

RedHat RPM 7.1 i386 procmail-3.21-0.71.i386.rpm

RedHat RPM 7.1 alpha procmail-3.21-0.71.alpha.rpm

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »