GLSA-200411-06 : MIME-tools: Virus detection evasion
High Nessus Plugin ID 15608
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200411-06 (MIME-tools: Virus detection evasion)
MIME-tools doesn't correctly parse attachment boundaries with an empty name (boundary='').
An attacker could send a carefully crafted email and evade detection on some email virus-scanning programs using MIME-tools for attachment decoding.
There is no known workaround at this time.
SolutionAll MIME-tools users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-perl/MIME-tools-5.415'