Summary: | mail-mta/nbsmtp format string vulnerability | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | ferdy |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-07-25 12:31:56 UTC
Ferdy please provide an updated ebuild. nbsmtp-1.00 (which fixes the problem) added with keywords: alpha ~amd64 ~hppa ~ppc ~sparc x86 Cheers, Ferdy Arches please test and mark stable. ppc stable sparc stable. On further investigation, I am not sure this is a vulnerability at all. This is an SMTP client, not a daemon, so the attack is local and may be used to elevate privileges to... yourself ? mmmm nope. A malicious server 'might' inject code; I had a: syslog(something,string_from_server); where I should have: syslog(something,"%s",string_from_server); HTH Cheers, Ferdy Thanks for the details. Rerating B2. I'll ask for a CAN number to MITRE. This is still missing the hppa keyword. Stable on hppa Ready for GLSA, waiting a little for the CAN number to be attributed. Enough waiting, we'll add the CAN afterwards when it is attributed. GLSA 200508-03 |