 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.55901 |
| Kategorie: | Debian Local Security Checks |
| Titel: | Debian Security Advisory DSA 900-2 (fetchmail) |
| Zusammenfassung: | NOSUMMARY |
| Beschreibung: | Description: The remote host is missing an update to fetchmail announced via advisory DSA 900-2. Due to restrictive dependency definition the updated fetchmailconf package couldn't be installed on the old stable distribution (woody) together with fetchmail-ssl. Hence, this update loosens it, so that the update can be pulled in. For completeness we're including the original advisory text: Thomas Wolff discovered that the fetchmailconfig program which is provided as part of fetchmail, an SSL enabled POP3, APOP, IMAP mail gatherer/forwarder, creates the new configuration in an insecure fashion that can lead to leaking passwords for mail accounts to local users. This update also fixes a regression in the package for stable caused by the last security update. For the old stable distribution (woody) this problem has been fixed in version 5.9.11-6.4. For the stable distribution (sarge) this problem has been fixed in version 6.2.5-12sarge3. For the unstable distribution (sid) this problem has been fixed in version 6.2.5.4-1. We recommend that you upgrade your fetchmail package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20900-2 CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N |
| Querverweis: |
BugTraq ID: 15179 Common Vulnerability Exposure (CVE) ID: CVE-2005-3088 http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://www.securityfocus.com/bid/15179 BugTraq ID: 19289 http://www.securityfocus.com/bid/19289 Bugtraq: 20051027 fetchmail security announcement 2005-02 (CVE-2005-3088) (Google Search) http://marc.info/?l=bugtraq&m=113042785902031&w=2 Cert/CC Advisory: TA06-214A http://www.us-cert.gov/cas/techalerts/TA06-214A.html Debian Security Information: DSA-900 (Google Search) http://www.debian.org/security/2005/dsa-900 http://www.gentoo.org/security/en/glsa/glsa-200511-06.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:209 http://www.osvdb.org/20267 http://www.redhat.com/support/errata/RHSA-2005-823.html http://securitytracker.com/id?1015114 http://secunia.com/advisories/17293 http://secunia.com/advisories/17349 http://secunia.com/advisories/17446 http://secunia.com/advisories/17491 http://secunia.com/advisories/17495 http://secunia.com/advisories/17631 http://secunia.com/advisories/18895 http://secunia.com/advisories/21253 http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.443499 https://usn.ubuntu.com/215-1/ http://www.vupen.com/english/advisories/2005/2182 http://www.vupen.com/english/advisories/2006/3101 |
| Copyright | Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com |
| Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |