This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The Courier set of mail services use a common Unicode library. This
library contains buffer overflows in the converters for two popular
Japanese character encodings. These overflows may be remotely
exploitable, triggered by a maliciously formatted email message that
is later processed by one of the Courier mail services. From the
release notes for the corrected versions of the Courier set of mail
iso2022jp.c: Converters became (upper-)compatible with ISO-2022-JP
(RFC1468 / JIS X 0208:1997 Annex 2) and ISO-2022-JP-1 (RFC2237).
Buffer overflow vulnerability (when Unicode character is out of BMP
range) has been closed. Convert error handling was implemented.
shiftjis.c: Broken SHIFT_JIS converters has been fixed and became
(upper-)compatible with Shifted Encoding Method (JIS X 0208:1997 Annex
1). Buffer overflow vulnerability (when Unicode character is out of
BMP range) has been closed. Convert error handling was implemented.
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false