Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Procmail Unsafe Signal Handling Race Condition Vulnerability

Procmail Unsafe Signal Handling Race Condition Vulnerability

by Phiber on September 26th, 2001 The problems lie in several signal handlers used by the program. By generating a signal while a signal handling operation is already in progress, an attacker could interrupt a non-reentrant libc function and enter it again from the handler.


Precise timing in such an attack could possibly result in, for example, heap corruption or interruption during privilege lowering.


- This set of vulnerabilities exist because of reentrant library function calls from signal handlers (malloc, free, syslog, operations on global buffers, etc).

- Conditions where these types of attacks may be possible are known to exist in procmail, which is installed setuid root and locally executable.
Solution:



Procmail Procmail 3.10:



RedHat RPM 5.2 alpha procmail-3.21-0.52.alpha.rpm

ftp://updates.redhat.com/5.2/en/os/alpha/procmail-3.21-0.52.alpha.rpm



RedHat RPM 5.2 i386 procmail-3.21-0.52.i386.rpm

ftp://updates.redhat.com/5.2/en/os/i386/procmail-3.21-0.52.i386.rpm



RedHat RPM 5.2 sparc procmail-3.21-0.52.sparc.rpm

ftp://updates.redhat.com/5.2/en/os/sparc/procmail-3.21-0.52.sparc.rpm



Procmail Procmail 3.11:

Procmail Procmail 3.13:

Procmail Procmail 3.14:



RedHat RPM 6.2 alpha procmail-3.21-0.62.alpha.rpm

ftp://updates.redhat.com/6.2/en/os/alpha/procmail-3.21-0.62.alpha.rpm



RedHat RPM 6.2 sparc procmail-3.21-0.62.sparc.rpm

ftp://updates.redhat.com/6.2/en/os/sparc/procmail-3.21-0.62.sparc.rpm



RedHat RPM 6.2 i386 procmail-3.21-0.62.i386.rpm

ftp://updates.redhat.com/6.2/en/os/i386/procmail-3.21-0.62.i386.rpm



RedHat RPM 7.0 i386 procmail-3.21-0.71.i386.rpm

ftp://updates.redhat.com/7.0/en/os/i386/procmail-3.21-0.71.i386.rpm



RedHat RPM 7.0 alpha procmail-3.21-0.71.alpha.rpm

ftp://updates.redhat.com/7.0/en/os/alpha/procmail-3.21-0.71.alpha.rpm



RedHat RPM 7.1 ia64 procmail-3.21-0.71.ia64.rpm

ftp://updates.redhat.com/7.1/en/os/ia64/procmail-3.21-0.71.ia64.rpm



RedHat RPM 7.1 i386 procmail-3.21-0.71.i386.rpm

ftp://updates.redhat.com/7.1/en/os/i386/procmail-3.21-0.71.i386.rpm



RedHat RPM 7.1 alpha procmail-3.21-0.71.alpha.rpm

ftp://updates.redhat.com/7.1/en/os/alpha/procmail-3.21-0.71.alpha.rpm


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »