Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2002:084 (pine)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.50855

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2002:084 (pine)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to pine
announced via advisory MDKSA-2002:084.

A vulnerability was discovered in pine while parsing and escaping
characters of email addresses
not enough memory is allocated for
storing the escaped mailbox part of the address. The resulting
buffer overflow on the heap makes pine crash. This new version of
pine, 4.50, has the vulnerability fixed. It also offers many other
bug fixes and new features.

Affected versions: 7.2, 8.0, 8.1, 8.2

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2002:084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1320

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 6120
Common Vulnerability Exposure (CVE) ID: CVE-2002-1320
http://www.securityfocus.com/bid/6120
Bugtraq: 20021107 Remote pine Denial of Service (Google Search)
http://marc.info/?l=bugtraq&m=103668430620531&w=2
Bugtraq: 20021202 GLSA: pine (Google Search)
http://marc.info/?l=bugtraq&m=103884988306241&w=2
Conectiva Linux advisory: CLA-2002:551
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551
En Garde Linux Advisory: ESA-20021127-032
http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php
http://www.redhat.com/support/errata/RHSA-2002-270.html
http://www.redhat.com/support/errata/RHSA-2002-271.html
SuSE Security Announcement: SuSE-SA:2002:046 (Google Search)
http://www.novell.com/linux/security/advisories/2002_046_pine.html
http://www.iss.net/security_center/static/10555.php

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.50855
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2002:084 (pine)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to pine announced via advisory MDKSA-2002:084. A vulnerability was discovered in pine while parsing and escaping characters of email addresses not enough memory is allocated for storing the escaped mailbox part of the address. The resulting buffer overflow on the heap makes pine crash. This new version of pine, 4.50, has the vulnerability fixed. It also offers many other bug fixes and new features. Affected versions: 7.2, 8.0, 8.1, 8.2 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2002:084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1320 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 6120 Common Vulnerability Exposure (CVE) ID: CVE-2002-1320 http://www.securityfocus.com/bid/6120 Bugtraq: 20021107 Remote pine Denial of Service (Google Search) http://marc.info/?l=bugtraq&m=103668430620531&w=2 Bugtraq: 20021202 GLSA: pine (Google Search) http://marc.info/?l=bugtraq&m=103884988306241&w=2 Conectiva Linux advisory: CLA-2002:551 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000551 En Garde Linux Advisory: ESA-20021127-032 http://www.linuxsecurity.com/advisories/engarde_advisory-2614.html http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-084.php http://www.redhat.com/support/errata/RHSA-2002-270.html http://www.redhat.com/support/errata/RHSA-2002-271.html SuSE Security Announcement: SuSE-SA:2002:046 (Google Search) http://www.novell.com/linux/security/advisories/2002_046_pine.html http://www.iss.net/security_center/static/10555.php
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com