diff options
Diffstat (limited to 'metadata/glsa/glsa-200512-05.xml')
-rw-r--r-- | metadata/glsa/glsa-200512-05.xml | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/metadata/glsa/glsa-200512-05.xml b/metadata/glsa/glsa-200512-05.xml new file mode 100644 index 000000000000..355f1365803e --- /dev/null +++ b/metadata/glsa/glsa-200512-05.xml @@ -0,0 +1,65 @@ +<?xml version="1.0" encoding="utf-8"?> +<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd"> +<glsa id="200512-05"> + <title>Xmail: Privilege escalation through sendmail</title> + <synopsis> + The sendmail program in Xmail is vulnerable to a buffer overflow, + potentially resulting in local privilege escalation. + </synopsis> + <product type="ebuild">xmail</product> + <announced>2005-12-14</announced> + <revised count="01">2005-12-14</revised> + <bug>109381</bug> + <access>local</access> + <affected> + <package name="mail-mta/xmail" auto="yes" arch="*"> + <unaffected range="ge">1.22</unaffected> + <vulnerable range="lt">1.22</vulnerable> + </package> + </affected> + <background> + <p> + Xmail is an Internet and intranet mail server. + </p> + </background> + <description> + <p> + iDEFENSE reported that the AddressFromAtPtr function in the + sendmail program fails to check bounds on arguments passed from other + functions, and as a result an exploitable stack overflow condition + occurs when specifying the "-t" command line option. + </p> + </description> + <impact type="high"> + <p> + A local attacker can make a malicious call to sendmail, + potentially resulting in code execution with elevated privileges. + </p> + </impact> + <workaround> + <p> + There is no known workaround at this time. + </p> + </workaround> + <resolution> + <p> + All Xmail users should upgrade to the latest version: + </p> + <code> + # emerge --sync + # emerge --ask --oneshot --verbose ">=mail-mta/xmail-1.22"</code> + </resolution> + <references> + <uri link="https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2943">CVE-2005-2943</uri> + <uri link="http://www.idefense.com/application/poi/display?id=321&type=vulnerabilities&flashstatus=true">iDEFENSE Security Advisory</uri> + </references> + <metadata tag="requester" timestamp="2005-12-11T18:01:24Z"> + koon + </metadata> + <metadata tag="bugReady" timestamp="2005-12-12T15:24:20Z"> + koon + </metadata> + <metadata tag="submitter" timestamp="2005-12-13T08:46:36Z"> + adir + </metadata> +</glsa> |