Family: Debian Local Security Checks --> Category: infos
[DSA083] DSA-083-1 procmail Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Using older versions of procmail it was possible to make procmail
crash by sending it signals. On systems where procmail is installed
setuid this could be exploited to obtain unauthorized rights.
This problem has been fixed in version 3.20 by the upstream
maintainer, included in Debian unstable, and was ported back to
version 3.15.2 which is available for the stable Debian GNU/Linux
We recommend that you upgrade your procmail package immediately.
Solution : http://www.debian.org/security/2001/dsa-083
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.