Test ID:	1.3.6.1.4.1.25623.1.0.57041
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-294-1 (courier)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to courier announced via advisory USN-294-1. A security issue affects the following Ubuntu releases: Ubuntu 5.04 Ubuntu 5.10 Ubuntu 6.06 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. A Denial of Service vulnerability has been found in the function for encoding email addresses. Addresses containing a '=' before the '@' character caused the Courier to hang in an endless loop, rendering the service unusable. Solution: The problem can be corrected by upgrading your system to the following package versions: Ubuntu 5.04: courier-mta 0.47-3ubuntu1.5 Ubuntu 5.10: courier-mta 0.47-3ubuntu7.2 Ubuntu 6.06 LTS: courier-mta 0.47-13ubuntu5.1 In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-294-1 Risk factor : High CVSS Score: 7.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2006-2659 BugTraq ID: 18345 http://www.securityfocus.com/bid/18345 Debian Security Information: DSA-1101 (Google Search) http://www.debian.org/security/2006/dsa-1101 http://security.gentoo.org/glsa/glsa-200608-06.xml http://securitytracker.com/id?1016248 http://secunia.com/advisories/20519 http://secunia.com/advisories/20548 http://secunia.com/advisories/20792 http://secunia.com/advisories/21350 https://usn.ubuntu.com/294-1/ http://www.vupen.com/english/advisories/2006/2214 XForce ISS Database: courier-usernames-dos(26998) https://exchange.xforce.ibmcloud.com/vulnerabilities/26998
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.