Debian Security Advisory DSA 553-1 (getmail) Network Vulnerability

Summary

The remote host is missing an update to getmail announced via advisory DSA 553-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20553-1

Insight

A security problem has been discovered in getmail, a POP3 and APOP mail gatherer and forwarder. An attacker with a shell account on the victims host could utilise getmail to overwrite arbitrary files when it is running as root. For the stable distribution (woody) this problem has been fixed in version 2.3.7-2. For the unstable distribution (sid) this problem has been fixed in version 3.2.5-1. We recommend that you upgrade your getmail package.

Severity

Classification

CVE CVE-2004-0880, CVE-2004-0881
CVSS Base Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Debian Security Advisory DSA 2321-1 (moin)
Debian Security Advisory DSA 1518-1 (backup-manager)
Debian Security Advisory DSA 011-1 (mgetty)
Debian Security Advisory DSA 043-1 (zope)
Debian Security Advisory DSA 2309-1 (openssl)

Take action and discover your vulnerabilities