Nessus Plugin #14895
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA058] DSA-058-1 exim
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-058-1 exim
- Version:
- $Revision: 1.4 $
- Cve_id:
- CVE-2001-0690
- Bugtraq_id:
- -
- Xrefs:
- DSA:058
- Description:
Megyer Laszlo found a printf format bug in the exim mail transfer
agent. The code that checks the header syntax of an email logs
an error without protecting itself against printf format attacks.
It's only exploitable locally with the -bS switch
(in batched SMTP mode).
This problem has been fixed in version 3.12-10.1. Since that code is
not turned on by default a standard installation is not vulnerable,
but we still recommend to upgrade your exim package.
Solution : http://www.debian.org/security/2001/dsa-058
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.