Detections
Analytics

Debian DSA-908-1 : sylpheed-claws - buffer overflows

medium Nessus Plugin ID 22774

Synopsis

The remote Debian host is missing a security-related update.

Description

Colin Leroy discovered several buffer overflows in a number of importer routines in sylpheed-claws, an extended version of the Sylpheed mail client, that could lead to the execution of arbitrary code.

Solution

Upgrade the sylpheed-claws package.

The following matrix explains which versions fix this vulnerability

 old stable (woody) stable (sarge) unstable (sid) sylpheed 0.7.4-4woody1 1.0.4-1sarge1 2.0.4-1 sylpheed-gtk1 n/a n/a 1.0.6-1 sylpheed-claws 0.7.4claws-3woody1 1.0.4-1sarge1 1.0.5-2 sylpheed-claws-gtk2 n/a n/a 1.9.100-1

See Also

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=338436

http://www.debian.org/security/2005/dsa-908

Plugin Details

Severity: Medium

ID: 22774

File Name: debian_DSA-908.nasl

Version: 1.13

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: Medium

Base Score: 5.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:sylpheed-claws, cpe:/o:debian:debian_linux:3.0, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 11/23/2005

Reference Information

CVE: CVE-2005-3354

DSA: 908