CVE-2005-1125

Description

Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed.

Affected products

• Avaya / libsafe2.0.1 – 2.0.1
• Avaya / libsafe2.0.2 – 2.0.2
• Avaya / libsafe2.0.3 – 2.0.3
• Avaya / libsafe2.0.4 – 2.0.4
• Avaya / libsafe2.0.5 – 2.0.5
• Avaya / libsafe2.0.6 – 2.0.6
• Avaya / libsafe2.0.7 – 2.0.7
• Avaya / libsafe2.0.8 – 2.0.8
• Avaya / libsafe2.0.9 – 2.0.9
• Avaya / libsafe2.0.10 – 2.0.10
• Avaya / libsafe2.0.11 – 2.0.11
• Avaya / libsafe2.0.12 – 2.0.12
• Avaya / libsafe2.0.13 – 2.0.13
• Avaya / libsafe2.0.14 – 2.0.14
• Avaya / libsafe2.0.15 – 2.0.15
• Avaya / libsafe2.0.16 – 2.0.16

References

• MISChttp://www.securityfocus.com/archive/1/395999
• MISChttp://www.securityfocus.com/bid/13190
• MISChttp://www.overflow.pl/adv/libsafebypass.txt