Test Kennung:	1.3.6.1.4.1.25623.1.0.53573
Kategorie:	Debian Local Security Checks
Titel:	Debian Security Advisory DSA 083-1 (procmail)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to procmail announced via advisory DSA 083-1. Using older versions of procmail it was possible to make procmail crash by sending it signals. On systems where procmail is installed setuid this could be exploited to obtain unauthorized privileges. This problem has been fixed in version 3.20 by the upstream maintainer, included in Debian unstable, and was ported back to version 3.15.2 which is available for for the stable Debian GNU/Linux 2.2. We recommend that you upgrade your procmail package immediately. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20083-1 CVSS Score: 6.2 CVSS Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2001-0905 BugTraq ID: 3071 http://www.securityfocus.com/bid/3071 Conectiva Linux advisory: CLA-2001:433 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000433 Debian Security Information: DSA-083 (Google Search) http://www.debian.org/security/2001/dsa-083 FreeBSD Security Advisory: FreeBSD-SA-01:60 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:60.procmail.asc http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-085.php3 http://www.redhat.com/support/errata/RHSA-2001-093.html XForce ISS Database: procmail-signal-handling-race(6872) https://exchange.xforce.ibmcloud.com/vulnerabilities/6872
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.