|
Family: Ubuntu Local Security Checks --> Category: infos
USN76-1 : emacs21 vulnerability Vulnerability Scan
Vulnerability Scan Summary emacs21 vulnerability
Detailed Explanation for this Vulnerability Test
Synopsis :
These remote packages are missing security patches :
- emacs21
- emacs21-bin-common
- emacs21-common
- emacs21-el
- emacs21-nox
Description :
Max Vozeler discovered a format string vulnerability in the "movemail"
utility of Emacs. By sending specially crafted packets, a malicious
POP3 server could cause a buffer overflow, which could have been
exploited to execute arbitrary code with the rights of the user
and the "mail" group (since "movemail" is installed as "setgid mail").
Solution :
Upgrade to :
- emacs21-21.3+1-5ubuntu4.2 (Ubuntu 4.10)
- emacs21-bin-common-21.3+1-5ubuntu4.2 (Ubuntu 4.10)
- emacs21-common-21.3+1-5ubuntu4.2 (Ubuntu 4.10)
- emacs21-el-21.3+1-5ubuntu4.2 (Ubuntu 4.10)
- emacs21-nox-21.3+1-5ubuntu4.2 (Ubuntu 4.10)
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|