Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA186] DSA-186-1 log2mail Vulnerability Scan

Vulnerability Scan Summary
DSA-186-1 log2mail

Detailed Explanation for this Vulnerability Test

Enrico Zini discovered a buffer overflow in log2mail, a daemon for
watching logfiles and sending lines with matching patterns via mail.
The log2mail daemon is started upon system boot and runs as root. A
specially crafted (remote) log message could overflow a static buffer,
potentially leaving log2mail to execute arbitrary code as root.
This problem has been fixed in version the current
stable distribution (woody) and in version 0.2.6-1 for the unstable
distribution (sid). The old stable distribution (potato) is not
affected since it doesn't contain a log2mail package.
We recommend that you upgrade your log2mail package.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.