Nessus Plugin #15137
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[DSA300] DSA-300-1 balsa
- Family:
- Debian Local Security Checks
- Category:
- infos
- Copyright:
- This script is (C) 2004 Michel Arboi
- Summary:
- DSA-300-1 balsa
- Version:
- $Revision: 1.4 $
- Cve_id:
- CAN-2003-0167
- Bugtraq_id:
- 7229
- Xrefs:
- DSA:300
- Description:
Byrial Jensen discovered a couple of off-by-one buffer overflow in the
IMAP code of Mutt, a text-oriented mail reader supporting IMAP, MIME,
GPG, PGP and threading. This code is imported in the Balsa package.
This problem could potentially allow a remote malicious IMAP server to
cause a denial of service (crash) and possibly execute arbitrary code
via a specially crafted mail folder.
For the stable distribution (woody) this problem has been fixed in
version 1.2.4-2.2.
The old stable distribution (potato) does not seem to be affected by
this problem.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your balsa package.
Solution : http://www.debian.org/security/2003/dsa-300
Risk factor : High
Generiert am 27.04.2005 um 18:49:54 Uhr.