Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:047: metamail Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the metamail package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:047 (metamail).
Ulf Harnhammar discovered a buffer overflow vulnerability in the way that
metamail handles certain mail messages. A possible hacker could create a
carefully-crafted message that, when parsed via metamail, could execute
arbitrary code with the rights of the user running metamail. The updated
packages have been patched to address this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.