| Descripción: | Description:
The remote host is missing an update to libesmtp
announced via advisory MDVSA-2010:195.
Multiple vulnerabilities has been found and corrected in libesmtp:
libESMTP, probably 1.0.4 and earlier, does not properly handle a \'\0\'
(NUL) character in a domain name in the subject's Common Name (CN)
field of an X.509 certificate, which allows man-in-the-middle attackers
to spoof arbitrary SSL servers via a crafted certificate issued by a
legitimate Certification Authority, a related issue to CVE-2009-2408
(CVE-2010-1192).
The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and
possibly other versions including 1.0.4, treats two strings as equal if
one is a substring of the other, which allows remote attackers to spoof
trusted certificates via a crafted subjectAltName (CVE-2010-1194).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0
Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:195
Risk factor : High
CVSS Score:
6.8
|
