RHEL 2.1 : balsa (RHSA-2003:111)

This script is Copyright (C) 2004-2014 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated Balsa packages are available which fix potential
vulnerabilities in the IMAP handling code and in libesmtp.

Balsa is a GNOME email client which includes code from Mutt.

A potential buffer overflow exists in Balsa versions 1.2 and higher
when parsing mailbox names returned by an IMAP server. It is possible
that a hostile IMAP server could cause arbitrary code to be executed
by the user running Balsa.

Additionally, a buffer overflow in libesmtp (an SMTP library used by
Balsa) before version 0.8.11 allows a hostile remote SMTP server to
execute arbitrary code via a certain response or cause a denial of
service via long server responses.

Users of Balsa are recommended to upgrade to these erratum packages
which include updated versions of Balsa and libesmtp which are not
vulnerable to these issues.

Red Hat would like to thank CORE security for discovering the
vulnerability, and the Mutt team for providing a patch.

See also :

https://www.redhat.com/security/data/cve/CVE-2002-1090.html
https://www.redhat.com/security/data/cve/CVE-2003-0140.html
http://rhn.redhat.com/errata/RHSA-2003-111.html

Solution :

Update the affected balsa, libesmtp and / or libesmtp-devel packages.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 12382 ()

Bugtraq ID:

CVE ID: CVE-2002-1090
CVE-2003-0140