Test ID:	1.3.6.1.4.1.25623.1.0.55964
Category:	Fedora Local Security Checks
Title:	Fedora Core 4 FEDORA-2005-1115 (libc-client)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libc-client announced via advisory FEDORA-2005-1115. The c-client library provides an API which allows applications to access and manipulate remote mail boxes. The library contains a bug in its mail_valid_net_parse() function. If an application allows untrusted input to be supplied to this function, its stack may become corrupted. This update backports the fix from imap-2004g which resolves this issue. * Thu Dec 1 2005 Nalin Dahyabhai 2002e-17 - account for the /usr/share/ssl -> /etc/pki/tls move in the patch which sets the locations at compile-time (more of #165967) * Wed Nov 23 2005 Nalin Dahyabhai 2002e-16 - rebuild * Wed Nov 23 2005 Nalin Dahyabhai 2002e-15 - rebuild * Wed Nov 23 2005 Nalin Dahyabhai 2002e-14 - rebuild * Wed Nov 23 2005 Nalin Dahyabhai 2002e-13 - apply fix for CVE-2005-2933: buffer overflow (#171345) * Wed Nov 9 2005 Tomas Mraz 2002e-12 - rebuilt against new openssl * Sat Oct 15 2005 Florian La Roche - fix to rebuild at least, seems the way to specify the include dir is a bit broken Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/ This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command. http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2005-1115 Risk factor : High CVSS Score: 7.5
Cross-Ref:	BugTraq ID: 15009 Common Vulnerability Exposure (CVE) ID: CVE-2005-2933 http://www.securityfocus.com/bid/15009 CERT/CC vulnerability note: VU#933601 http://www.kb.cert.org/vuls/id/933601 Debian Security Information: DSA-861 (Google Search) http://www.debian.org/security/2005/dsa-861 http://www.securityfocus.com/archive/1/430296/100/0/threaded http://www.securityfocus.com/archive/1/430303/100/0/threaded http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0081.html http://www.gentoo.org/security/en/glsa/glsa-200510-10.xml http://www.idefense.com/application/poi/display?id=313&type=vulnerabilities&flashstatus=true http://www.mandriva.com/security/advisories?name=MDKSA-2005:189 http://www.mandriva.com/security/advisories?name=MDKSA-2005:194 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9858 http://www.redhat.com/support/errata/RHSA-2005-848.html http://www.redhat.com/support/errata/RHSA-2005-850.html RedHat Security Advisories: RHSA-2006:0276 http://rhn.redhat.com/errata/RHSA-2006-0276.html http://www.redhat.com/support/errata/RHSA-2006-0501.html RedHat Security Advisories: RHSA-2006:0549 http://rhn.redhat.com/errata/RHSA-2006-0549.html http://securitytracker.com/id?1015000 http://secunia.com/advisories/17062/ http://secunia.com/advisories/17148 http://secunia.com/advisories/17152 http://secunia.com/advisories/17215 http://secunia.com/advisories/17276 http://secunia.com/advisories/17336 http://secunia.com/advisories/17483 http://secunia.com/advisories/17928 http://secunia.com/advisories/17930 http://secunia.com/advisories/17950 http://secunia.com/advisories/18554 http://secunia.com/advisories/19832 http://secunia.com/advisories/20210 http://secunia.com/advisories/20222 http://secunia.com/advisories/20951 http://secunia.com/advisories/21252 http://secunia.com/advisories/21564 SGI Security Advisory: 20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U SGI Security Advisory: 20060501-01-U ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.500161 http://securityreason.com/securityalert/47 SuSE Security Announcement: SUSE-SR:2005:023 (Google Search) http://www.novell.com/linux/security/advisories/2005_23_sr.html http://www.vupen.com/english/advisories/2006/2685 XForce ISS Database: uw-imap-mailbox-name-bo(22518) https://exchange.xforce.ibmcloud.com/vulnerabilities/22518
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.