Vulnerability Assessment & Network Security Forums



If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.


Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2005-755: elm


Vulnerability Assessment Details

RHSA-2005-755: elm

Vulnerability Assessment Summary
Check for the version of the elm packages

Detailed Explanation for this Vulnerability Assessment


An updated elm package is now available that fixes a buffer overflow issue
for Red Hat Enterprise Linux 2.1 AS and AW.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

Elm is a terminal mode email client.

A buffer overflow flaw in Elm was discovered that was triggered by viewing
a mailbox containing a message with a carefully crafted 'Expires' header.
A possible hacker could create a malicious message that would execute arbitrary
code with the rights of the user who received it. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2005-2665 to this issue.

Users of Elm should update to this updated package, which contains a
backported patch that corrects this issue.




Solution : http://rhn.redhat.com/errata/RHSA-2005-755.html
Network Security Threat Level: High

Networks Security ID:

Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security

Cables, Connectors

16GB (2X8GB) DDR3 1333 Memory For HP MicroServer N36L/N40L/N54L/Gen8/Gen10 Wiki
$128.0
16GB (2X8GB) DDR3 1333 Memory For HP MicroServer N36L/N40L/N54L/Gen8/Gen10 Wiki pictureSeasonic model SS-520H1U Active PFC power supply 520 Watts Super Micro Server
$22.99
Seasonic model SS-520H1U Active PFC power supply 520 Watts Super Micro Server pictureHP ProLiant MicroServer Gen8 w/ extra RAID controller G1610T, 2 GB RAM, 6TB HDDs
$499.99
HP ProLiant MicroServer Gen8 w/ extra RAID controller G1610T, 2 GB RAM, 6TB HDDs pictureHP Proliant MicroServer Gen8 Celeron G1610T 2.3GHz 6GB 2x 250GB HDD Tested No OS
$345.0
HP Proliant MicroServer Gen8 Celeron G1610T 2.3GHz 6GB 2x 250GB HDD Tested No OS picture


Discussions

No Discussions have been posted on this vulnerability.