CNNVD-ID编号 | CNNVD-200602-226 |
CVE编号 | CVE-2006-0709 |
发布时间 | 2006-02-15 |
更新时间 | 2006-03-06 |
漏洞类型 | 缓冲区溢出 |
漏洞来源 | Discovered by Ulf Harnhammar |
危险等级 | 高危 |
威胁类型 | 远程 |
厂 商 | metamail_corporation |
Metamail 2.7-50中存在缓冲区溢出漏洞。远程攻击者可以借助带有长boundary属性的电子邮件消息造成拒绝服务(应用程序崩溃),并可能执行任意代码。
目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:
Metamail Metamail 2.7
Debian metamail_2.7-45woody.4_alpha.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_alpha.deb
Debian metamail_2.7-45woody.4_arm.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_arm.deb
Debian metamail_2.7-45woody.4_hppa.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_hppa.deb
Debian metamail_2.7-45woody.4_i386.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_i386.deb
Debian metamail_2.7-45woody.4_ia64.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_ia64.deb
Debian metamail_2.7-45woody.4_m68k.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_m68k.deb
Debian metamail_2.7-45woody.4_mips.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_mips.deb
Debian metamail_2.7-45woody.4_mipsel.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_mipsel.deb
Debian metamail_2.7-45woody.4_powerpc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_powerpc.deb
Debian metamail_2.7-45woody.4_s390.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_s390.deb
Debian metamail_2.7-45woody.4_sparc.deb
Debian GNU/Linux 3.0 alias woody
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 5woody.4_sparc.deb
Debian metamail_2.7-47sarge1_alpha.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_alpha.deb
Debian metamail_2.7-47sarge1_amd64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_amd64.deb
Debian metamail_2.7-47sarge1_arm.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_arm.deb
Debian metamail_2.7-47sarge1_hppa.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_hppa.deb
Debian metamail_2.7-47sarge1_i386.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_i386.deb
Debian metamail_2.7-47sarge1_ia64.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_ia64.deb
Debian metamail_2.7-47sarge1_m68k.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_m68k.deb
Debian metamail_2.7-47sarge1_mips.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_mips.deb
Debian metamail_2.7-47sarge1_mipsel.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_mipsel.deb
Debian metamail_2.7-47sarge1_powerpc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_powerpc.deb
Debian metamail_2.7-47sarge1_s390.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_s390.deb
Debian metamail_2.7-47sarge1_sparc.deb
Debian GNU/Linux 3.1 alias sarge
http://security.debian.org/pool/updates/main/m/metamail/metamail_2.7-4 7sarge1_sparc.deb
来源: MANDRIVA
名称: MDKSA-2006:047
链接:http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047
来源: BID
名称: 16611
来源: REDHAT
名称: RHSA-2006:0217
来源: SECUNIA
名称: 19000
来源: SECUNIA
名称: 18987
来源: VUPEN
名称: ADV-2006-0565
来源: SECTRACK
名称: 1015654
来源: SECUNIA
名称: 18796
来源: bugs.debian.org
来源: XF
名称: metamail-boundary-bo(24702)
来源: SUSE
名称: SUSE-SR:2006:005
链接:http://www.novell.com/linux/security/advisories/2006_05_sr.html
来源: GENTOO
名称: GLSA-200603-16
链接:http://www.gentoo.org/security/en/glsa/glsa-200603-16.xml
来源: DEBIAN
名称: DSA-995
来源: SECUNIA
名称: 19304
来源: SECUNIA
名称: 19226