|
Family: Debian Local Security Checks --> Category: infos
[DSA437] DSA-437-1 cgiemail Vulnerability Scan
Vulnerability Scan Summary DSA-437-1 cgiemail
Detailed Explanation for this Vulnerability Test
A vulnerability was discovered in cgiemail, a CGI program used to
email the contents of an HTML form, whereby it could be used to send
email to arbitrary addresses. This type of vulnerability is commonly
exploited to send unsolicited commercial email (spam).
For the current stable distribution (woody) this problem has been
fixed in version 1.6-14woody1.
For the unstable distribution (sid), this problem has been fixed in
version 1.6-20.
We recommend that you update your cgiemail package.
Solution : http://www.debian.org/security/2004/dsa-437
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|