diff options
author | Neil McGovern <neilm@debian.org> | 2005-10-04 11:32:33 +0000 |
---|---|---|
committer | Neil McGovern <neilm@debian.org> | 2005-10-04 11:32:33 +0000 |
commit | 6877b210a25291837a9c892a4c92ded37c9ec3a2 (patch) | |
tree | 8c91845fae375690c8e15553631fd233f62b21e6 /data/DTSA | |
parent | 93915c34e018740bb988c6305dd918e97c97e5d4 (diff) |
Created .adv
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2296 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA')
-rw-r--r-- | data/DTSA/advs/20-mailutils.adv | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/data/DTSA/advs/20-mailutils.adv b/data/DTSA/advs/20-mailutils.adv new file mode 100644 index 0000000000..35fbd0edfd --- /dev/null +++ b/data/DTSA/advs/20-mailutils.adv @@ -0,0 +1,18 @@ +source: mailutils +date: October 4th, 2005 +author: Neil Mcgovern +vuln-type: Format string vulnerability +problem-scope: remote +debian-specifc: no +cve: CAN-2005-2878 +vendor-advisory: http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407 +testing-fix: 1:0.6.90-2.1etch1 +sid-fix: 1:0.6.90-3 +upgrade: apt-get install mailutils + +A ormat string vulnerability has been discovered in Mailutils. + +CAN-2005-2878 + A format string vulnerability in search.c in the imap4d server in GNU + Mailutils 0.6 allows remote authenticated users to execute arbitrary code via + format string specifiers in the SEARCH command. |