Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Gentoo Local Security Checks --> Category: infos

[GLSA-200403-06] Multiple remote buffer overflow vulnerabilities in Courier Vulnerability Scan

Vulnerability Scan Summary
Multiple remote buffer overflow vulnerabilities in Courier

Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200403-06
(Multiple remote buffer overflow vulnerabilities in Courier)

The vulnerabilities have been found in the 'SHIFT_JIS' converter in
'shiftjis.c' and 'ISO2022JP' converter in 'so2022jp.c'. A possible hacker may
supply Unicode characters that exceed BMP (Basic Multilingual Plane) range,
causing an overflow.


A possible hacker without rights may exploit this vulnerability remotely, allowing arbitrary code to be executed in order to gain unauthorized access.


While a workaround is not currently known for this issue, all users are
advised to upgrade to the latest version of the affected packages.


All users should upgrade to current versions of the affected packages:
# emerge sync
# emerge -pv ">=net-mail/courier-imap-3.0.0"
# emerge ">=net-mail/courier-imap-3.0.0"
# ** Or
depending on your installation... **
# emerge -pv ">=net-mail/courier-0.45"
# emerge ">=net-mail/courier-0.45"

Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.