|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Debian Local Security Checks >> [DSA141] DSA-141-1 mpack Vulnerability Assessment Details
|
[DSA141] DSA-141-1 mpack |
||
DSA-141-1 mpack Detailed Explanation for this Vulnerability Assessment Eckehard Berns discovered a buffer overflow in the munpack program which is used for decoding (respectively) binary files in MIME (Multipurpose Internet Mail Extensions) format mail messages. If munpack is run on an appropriately malformed email (or news article) then it will crash, and perhaps can be made to run arbitrary code. Herbert Xu reported a second vulnerability which affected malformed filenames that refer to files in upper directories like "../a". The security impact is limited, though, because only a single leading "../" was accepted and only new files can be created (i.e. no files will be overwritten). Both problems have been fixed in version 1.5-5potato2 for the old stable distribution (potato), in version 1.5-7woody2 for the current stable distribution (woody) and in version 1.5-9 for the unstable distribution (sid). We recommend that you upgrade your mpack package immediately. Solution : http://www.debian.org/security/2002/dsa-141 Network Security Threat Level: High Networks Security ID: 5385 Vulnerability Assessment Copyright: This script is (C) 2005 Michel Arboi |
||
Cables, Connectors |
Juniper EX4300-24T Layer 3 24 Ports Manageable Ethernet Switch 1 Year Warranty
$139.00
Juniper EX2200-C-12T-2G 12 Port L3 EX2200-C Compact Fanless Switch 1YearWarranty
$170.00
Juniper Networks EX3300-48P 48-Port PoE+ 4x SFP+ Network Switch w/ Power Cord
$43.95
JUNIPER EX3400-48P 48x 1GB PoE+ RJ-45 4x 10GB SFP+ 2x 40GB QSFP+, DUAL AC POWER
$210.00
Juniper Networks EX2200-C-12P-2G 12 Port Gigabit PoE 2 T/SFP 1G Network Switch
$129.00
Juniper EX3300-48P, 48 Port PoE+ Gigabit Network Switch w/ Power cord
$54.99
Juniper EX3400-48P 48-Ports PoE+ 4x SFP+ and 2x QSFP+ Managed Switch Tested
$205.00
Juniper MX204 +JUNOS X2 AC Dual Power Supply JN204/MX204 4x40GbE Or 4x100GB
$6999.99
JUNIPER EX4550-32F-AFO 32-PORT ETHERNET SWITCH 2x POWER SUPPLY - TESTED
$299.99
Juniper Networks EX3300-24P 24-Port PoE+ 4x SFP+ Network Switch TESTED
$79.99
|
||
No Discussions have been posted on this vulnerability. |