Slackware Local Security Checks : Slackware: Security Advisory (SSA:2003-300-02)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.53880

Categoría: Slackware Local Security Checks

Título: Slackware: Security Advisory (SSA:2003-300-02)

Resumen: The remote host is missing an update for the 'fetchmail' package(s) announced via the SSA:2003-300-02 advisory.

Descripción: Summary:
The remote host is missing an update for the 'fetchmail' package(s) announced via the SSA:2003-300-02 advisory.

Vulnerability Insight:
Fetchmail is a mail-retrieval and forwarding utility.

Upgraded fetchmail packages are available for Slackware 8.1, 9.0,
9.1, and -current. These fix a vulnerability where a specially
crafted email could crash fetchmail, preventing the user from
downloading or forwarding their email.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

[link moved to references]

Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Oct 22 12:10:11 PDT 2003
patches/packages/fetchmail-6.2.5-i486-1.tgz: Upgraded to fetchmail-6.2.5.
This fixes a security issue where a specially crafted message could cause
fetchmail to crash, preventing the user from retrieving email.
(* Security fix *)
+--------------------------+

Affected Software/OS:
'fetchmail' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2003-0792
BugTraq ID: 8843
http://www.securityfocus.com/bid/8843
Bugtraq: 20040220 LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service (Google Search)
http://marc.info/?l=bugtraq&m=107731542827401&w=2
http://security.gentoo.org/glsa/glsa-200403-10.xml
Immunix Linux Advisory: IMNX-2003-7+-023-01
http://www.securityfocus.com/advisories/5987
http://www.mandriva.com/security/advisories?name=MDKSA-2003:101
SCO Security Bulletin: CSSA-2004-004.0
ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-004.0/CSSA-2004-004.0.txt
TurboLinux Advisory: TLSA-2003-61
http://www.turbolinux.com/security/TLSA-2003-61.txt
XForce ISS Database: fetchmail-email-dos(13450)
https://exchange.xforce.ibmcloud.com/vulnerabilities/13450

Copyright Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.53880
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2003-300-02)
Resumen:	The remote host is missing an update for the 'fetchmail' package(s) announced via the SSA:2003-300-02 advisory.
Descripción:	Summary: The remote host is missing an update for the 'fetchmail' package(s) announced via the SSA:2003-300-02 advisory. Vulnerability Insight: Fetchmail is a mail-retrieval and forwarding utility. Upgraded fetchmail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix a vulnerability where a specially crafted email could crash fetchmail, preventing the user from downloading or forwarding their email. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: [link moved to references] Here are the details from the Slackware 9.1 ChangeLog: +--------------------------+ Wed Oct 22 12:10:11 PDT 2003 patches/packages/fetchmail-6.2.5-i486-1.tgz: Upgraded to fetchmail-6.2.5. This fixes a security issue where a specially crafted message could cause fetchmail to crash, preventing the user from retrieving email. (* Security fix *) +--------------------------+ Affected Software/OS: 'fetchmail' package(s) on Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware current. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0792 BugTraq ID: 8843 http://www.securityfocus.com/bid/8843 Bugtraq: 20040220 LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service (Google Search) http://marc.info/?l=bugtraq&m=107731542827401&w=2 http://security.gentoo.org/glsa/glsa-200403-10.xml Immunix Linux Advisory: IMNX-2003-7+-023-01 http://www.securityfocus.com/advisories/5987 http://www.mandriva.com/security/advisories?name=MDKSA-2003:101 SCO Security Bulletin: CSSA-2004-004.0 ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2004-004.0/CSSA-2004-004.0.txt TurboLinux Advisory: TLSA-2003-61 http://www.turbolinux.com/security/TLSA-2003-61.txt XForce ISS Database: fetchmail-email-dos(13450) https://exchange.xforce.ibmcloud.com/vulnerabilities/13450
Copyright	Copyright (C) 2012 Greenbone AG