Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[gentoo-announce] GLSA: fetchmail
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
klieber
Administrator
Administrator


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA

PostPosted: Tue Oct 01, 2002 1:47 pm    Post subject: [gentoo-announce] GLSA: fetchmail Reply with quote

Daniel Ahlberg wrote:
- - --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT
- - --------------------------------------------------------------------

PACKAGE :fetchmail
SUMMARY :remote vulnerabilities
DATE :2002-10-01 09:30 UTC

- - --------------------------------------------------------------------

OVERVIEW

Stefan Esser from e-matters has discovered several buffer overflows and a broken boundary check within Fetchmail.

DETAIL

If Fetchmail is running in multidrop mode these flaws can be used by remote attackers to crash it or to execute arbitrary code with the permissions of the user running fetchmail. Depending on the configuration this allows a remote root compromise.

Read the full advisory at
http://security.e-matters.de/advisories/032002.html

SOLUTION

It is recommended that all Gentoo Linux users who are running net-mail/fetchmai-0.59.14 and earlier update their systems as follows:

emerge rsync
emerge fetchmail
emerge clean

Mailing List Archives: http://lists.gentoo.org/pipermail/gentoo-announce/2002-October/000209.html

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum