Detections
Analytics

Debian DSA-485-1 : ssmtp - format string

medium Nessus Plugin ID 15322

Synopsis

The remote Debian host is missing a security-related update.

Description

Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root).

Solution

For the current stable distribution (woody) this problem will be fixed in version 2.50.6.1.

We recommend that you update your ssmtp package.

See Also

http://www.debian.org/security/2004/dsa-485

Plugin Details

Severity: Medium

ID: 15322

File Name: debian_DSA-485.nasl

Version: 1.22

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:ssmtp, cpe:/o:debian:debian_linux:3.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 4/14/2004

Vulnerability Publication Date: 4/14/2004

Reference Information

CVE: CVE-2004-0156

BID: 10150

DSA: 485