FreeBSD : Buffer overflows and format string bugs in Emil (ce46b93a-80f2-11d8-9645-0020ed76ef5a)

This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Ulf Harnhammar reports multiple buffer overflows in Emil, some of
which are triggered during the parsing of attachment filenames. In
addition, some format string bugs are present in the error reporting
code.

Depending upon local configuration, these vulnerabilities may be
exploited using specially crafted messages in order to execute
arbitrary code running with the privileges of the user invoking Emil.

See also :

http://www.nessus.org/u?abc277c3
http://www.nessus.org/u?5611b59f

Solution :

Update the affected package.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 36683 (freebsd_pkg_ce46b93a80f211d896450020ed76ef5a.nasl)

Bugtraq ID:

CVE ID: CVE-2004-0152
CVE-2004-0153

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now