Mandrake Linux Security Advisory : procmail (MDKSA-2001:085)

This script is Copyright (C) 2004-2013 Tenable Network Security, Inc.


Synopsis :

The remote Mandrake Linux host is missing a security update.

Description :

In older versions of procmail, it is possible to crash procmail by
sending it certain signals. If procmail is installed setuid, this
could be exploited to gain unauthorized privilege. This problem is
fixed in unstable version 3.20 and stable version 3.15.2.

Solution :

Update the affected procmail package.

Risk factor :

Medium / CVSS Base Score : 6.2
(CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C)

Family: Mandriva Local Security Checks

Nessus Plugin ID: 13898 (mandrake_MDKSA-2001-085.nasl)

Bugtraq ID:

CVE ID: CVE-2001-0905

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now