 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.53943 |
| Categoría: | Slackware Local Security Checks |
| Título: | Slackware: Security Advisory (SSA:2004-049-02) |
| Resumen: | The remote host is missing an update for the 'metamail' package(s) announced via the SSA:2004-049-02 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'metamail' package(s) announced via the SSA:2004-049-02 advisory. Vulnerability Insight: Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflows which could lead to unauthorized code execution. Thanks to Ulf Harnhammar for discovering these problems and providing a patch. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [links moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Feb 18 03:44:42 PST 2004 patches/packages/metamail-2.7-i486-2.tgz: Patched two format string bugs and two buffer overflows in metamail which could lead to unauthorized code execution. Thanks to Ulf Harnhammar for discovering these problems and providing a patch. (* Security fix *) +--------------------------+ Affected Software/OS: 'metamail' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-0104 BugTraq ID: 9692 http://www.securityfocus.com/bid/9692 Bugtraq: 20040218 metamail format string bugs and buffer overflows (Google Search) http://marc.info/?l=bugtraq&m=107713476911429&w=2 CERT/CC vulnerability note: VU#518518 http://www.kb.cert.org/vuls/id/518518 Computer Incident Advisory Center Bulletin: O-083 http://www.ciac.org/ciac/bulletins/o-083.shtml Debian Security Information: DSA-449 (Google Search) http://www.debian.org/security/2004/dsa-449 http://www.mandriva.com/security/advisories?name=MDKSA-2004:014 http://www.redhat.com/support/errata/RHSA-2004-073.html http://secunia.com/advisories/10908 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html XForce ISS Database: metamail-contenttype-format-string(15245) https://exchange.xforce.ibmcloud.com/vulnerabilities/15245 XForce ISS Database: metamail-printheader-format-string(15259) https://exchange.xforce.ibmcloud.com/vulnerabilities/15259 Common Vulnerability Exposure (CVE) ID: CVE-2004-0105 CERT/CC vulnerability note: VU#513062 http://www.kb.cert.org/vuls/id/513062 XForce ISS Database: metamail-printheader-nonascii-bo(15247) https://exchange.xforce.ibmcloud.com/vulnerabilities/15247 XForce ISS Database: metamail-splitmail-subject-bo(15258) https://exchange.xforce.ibmcloud.com/vulnerabilities/15258 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |