Ubuntu Security Notice (C) 2005-2013 Canonical, Inc. / NASL script (C) 2006-2013 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
Max Vozeler discovered a format string vulnerability in the 'movemail'
utility of Emacs. By sending specially crafted packets, a malicious
POP3 server could cause a buffer overflow, which could have been
exploited to execute arbitrary code with the privileges of the user
and the 'mail' group (since 'movemail' is installed as 'setgid mail').
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 20698 ()
CVE ID: CVE-2005-0100