‫ Debian update for procmail

IRCAD2014093502

ID: IRCAD2014093502

Release Date: 2014-09-05

Criticality level: Highly critical

Software:
Debian GNU/Linux 7.x
Description:

Debian has issued an update for procmail. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

The vulnerability is caused due to a boundary error in formail when processing a mailbox file. This can be exploited to cause a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code.

Solution

Apply updated packages via the apt-get package manager.

References:

DSA-3019-1:

http://www.us.debian.org/security/2014/dsa-3019

Tavis Ormandy:

Secunia:
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 19 شهریور 1393

امتیاز

امتیاز شما
تعداد امتیازها:0