|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2005-025: exim Vulnerability Assessment Details
|
RHSA-2005-025: exim |
||
Check for the version of the exim packages Detailed Explanation for this Vulnerability Assessment Updated exim packages that resolve security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Exim is a mail transport agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. A buffer overflow was discovered in the spa_base64_to_bits function in Exim, as originally obtained from Samba code. If SPA authentication is enabled, a remote attacker may be able to exploit this vulnerability to execute arbitrary code as the 'exim' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0022 to this issue. Please note that SPA authentication is not enabled by default in Red Hat Enterprise Linux 4. Buffer overflow flaws were discovered in the host_aton and dns_build_reverse functions in Exim. A local user can trigger these flaws by executing exim with carefully crafted command line arguments and may be able to gain the rights of the 'exim' account. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0021 to this issue. Users of Exim are advised to update to these erratum packages which contain backported patches to correct these issues. Solution : http://rhn.redhat.com/errata/RHSA-2005-025.html Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2005 Tenable Network Security |
||
Cables, Connectors |
NEW Palmrest Keyboard For Lenovo Thinkpad E15 Gen 2 20T8 20T9 Black 5M10W64513
$80.99
For Lenovo IdeaPad 3 15IIL05 15IML05 15ADA05 15ARE05 Palmrest Keyboard Touchpad
$59.25
Genuine Lenovo IdeaPad 5-15IIL05 5-15ITL05 palmrest BL keyboard 5CB0Z31242
$118.90
Lenovo 500w Gen 3 Laptop, 11.6" IPS Glass, N6000, 8GB, 128GB SSD, Win 11 Home
$186.99
Lenovo IP 5 16IAU7 16" 2.5K Chromebook i3-1215U 8GB Ram 128GB eMMC Chrome OS
$219.99
LENOVO LEGION 5 PRO 16ITH6H | CORE I7-11800H | 2TB | 16GB RAM | WIN11 | NEW
$699.99
Lenovo Ideapad 1i 15.6" FHD Notebook Intel Core i5-1235U 8GB RAM 256GB SSD
$339.99
Lenovo Notebook IdeaPad 1 Laptop, N6000, 4GB, 128GB eMMC, Win 11 Home-Certified
$229.49
Lenovo K14 AMD Laptop, 14" FHD IPS LED , Ryzen 5 5600U, GB, 256GB SSD
$569.00
Lenovo Flex 7 14IRU8 14" 2.2K Touch Intel Core i7-1355U 16GB 1TB SSD W11H
$529.99
|
||
No Discussions have been posted on this vulnerability. |