FreeBSD Local Security Checks : FreeBSD Ports: metamail

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52497

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: metamail

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following package is affected: metamail

CVE-2004-0104
Multiple format string vulnerabilities in Metamail 2.7 and earlier
allow remote attackers to execute arbitrary code.

CVE-2004-0105
Multiple buffer overflows in Metamail 2.7 and earlier allow remote
attackers to execute arbitrary code.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2004-0104
BugTraq ID: 9692
http://www.securityfocus.com/bid/9692
Bugtraq: 20040218 metamail format string bugs and buffer overflows (Google Search)
http://marc.info/?l=bugtraq&m=107713476911429&w=2
CERT/CC vulnerability note: VU#518518
http://www.kb.cert.org/vuls/id/518518
Computer Incident Advisory Center Bulletin: O-083
http://www.ciac.org/ciac/bulletins/o-083.shtml
Debian Security Information: DSA-449 (Google Search)
http://www.debian.org/security/2004/dsa-449
http://www.mandriva.com/security/advisories?name=MDKSA-2004:014
http://www.redhat.com/support/errata/RHSA-2004-073.html
http://secunia.com/advisories/10908
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html
XForce ISS Database: metamail-contenttype-format-string(15245)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15245
XForce ISS Database: metamail-printheader-format-string(15259)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15259
Common Vulnerability Exposure (CVE) ID: CVE-2004-0105
CERT/CC vulnerability note: VU#513062
http://www.kb.cert.org/vuls/id/513062
XForce ISS Database: metamail-printheader-nonascii-bo(15247)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15247
XForce ISS Database: metamail-splitmail-subject-bo(15258)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15258

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52497
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: metamail
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following package is affected: metamail CVE-2004-0104 Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. CVE-2004-0105 Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0104 BugTraq ID: 9692 http://www.securityfocus.com/bid/9692 Bugtraq: 20040218 metamail format string bugs and buffer overflows (Google Search) http://marc.info/?l=bugtraq&m=107713476911429&w=2 CERT/CC vulnerability note: VU#518518 http://www.kb.cert.org/vuls/id/518518 Computer Incident Advisory Center Bulletin: O-083 http://www.ciac.org/ciac/bulletins/o-083.shtml Debian Security Information: DSA-449 (Google Search) http://www.debian.org/security/2004/dsa-449 http://www.mandriva.com/security/advisories?name=MDKSA-2004:014 http://www.redhat.com/support/errata/RHSA-2004-073.html http://secunia.com/advisories/10908 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.404734 http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0041.html XForce ISS Database: metamail-contenttype-format-string(15245) https://exchange.xforce.ibmcloud.com/vulnerabilities/15245 XForce ISS Database: metamail-printheader-format-string(15259) https://exchange.xforce.ibmcloud.com/vulnerabilities/15259 Common Vulnerability Exposure (CVE) ID: CVE-2004-0105 CERT/CC vulnerability note: VU#513062 http://www.kb.cert.org/vuls/id/513062 XForce ISS Database: metamail-printheader-nonascii-bo(15247) https://exchange.xforce.ibmcloud.com/vulnerabilities/15247 XForce ISS Database: metamail-splitmail-subject-bo(15258) https://exchange.xforce.ibmcloud.com/vulnerabilities/15258
Copyright	Copyright (C) 2008 E-Soft Inc.