Red Hat Local Security Checks : RedHat Security Advisory RHSA-2005:640

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.54428

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2005:640

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2005:640.

Fetchmail is a remote mail retrieval and forwarding utility.

A buffer overflow was discovered in fetchmail's POP3 client. A malicious
server could cause send a carefully crafted message UID and cause fetchmail
to crash or potentially execute arbitrary code as the user running
fetchmail. The Common Vulnerabilities and Exposures project assigned the
name CVE-2005-2335 to this issue.

Users of fetchmail should update to this erratum package which contains a
backported patch to correct this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2005-640.html

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: BugTraq ID: 14349
Common Vulnerability Exposure (CVE) ID: CVE-2005-2335
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
http://www.securityfocus.com/bid/14349
BugTraq ID: 19289
http://www.securityfocus.com/bid/19289
Bugtraq: 20060526 rPSA-2006-0084-1 fetchmail (Google Search)
http://www.securityfocus.com/archive/1/435197/100/0/threaded
Bugtraq: 20060801 DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow' (Google Search)
http://www.securityfocus.com/archive/1/441856/100/200/threaded
Cert/CC Advisory: TA06-214A
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
Debian Security Information: DSA-774 (Google Search)
http://www.debian.org/security/2005/dsa-774
http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00088.html
http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00089.html
http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html
http://www.osvdb.org/18174
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1038
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1124
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8833
http://www.redhat.com/support/errata/RHSA-2005-640.html
http://secunia.com/advisories/16176
http://secunia.com/advisories/21253
SuSE Security Announcement: SUSE-SR:2005:018 (Google Search)
http://www.novell.com/linux/security/advisories/2005_18_sr.html
http://www.vupen.com/english/advisories/2005/1171
http://www.vupen.com/english/advisories/2006/3101

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.54428
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2005:640
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2005:640. Fetchmail is a remote mail retrieval and forwarding utility. A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause send a carefully crafted message UID and cause fetchmail to crash or potentially execute arbitrary code as the user running fetchmail. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-2335 to this issue. Users of fetchmail should update to this erratum package which contains a backported patch to correct this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2005-640.html Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	BugTraq ID: 14349 Common Vulnerability Exposure (CVE) ID: CVE-2005-2335 http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http://www.securityfocus.com/bid/14349 BugTraq ID: 19289 http://www.securityfocus.com/bid/19289 Bugtraq: 20060526 rPSA-2006-0084-1 fetchmail (Google Search) http://www.securityfocus.com/archive/1/435197/100/0/threaded Bugtraq: 20060801 DMA[2006-0801a] - 'Apple OSX fetchmail buffer overflow' (Google Search) http://www.securityfocus.com/archive/1/441856/100/200/threaded Cert/CC Advisory: TA06-214A http://www.us-cert.gov/cas/techalerts/TA06-214A.html Debian Security Information: DSA-774 (Google Search) http://www.debian.org/security/2005/dsa-774 http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00088.html http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00089.html http://www.redhat.com/archives/fedora-announce-list/2005-July/msg00104.html http://www.osvdb.org/18174 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1124 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8833 http://www.redhat.com/support/errata/RHSA-2005-640.html http://secunia.com/advisories/16176 http://secunia.com/advisories/21253 SuSE Security Announcement: SUSE-SR:2005:018 (Google Search) http://www.novell.com/linux/security/advisories/2005_18_sr.html http://www.vupen.com/english/advisories/2005/1171 http://www.vupen.com/english/advisories/2006/3101
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com