FreeBSD : Buffer overflows and format string bugs in Emil (ce46b93a-80f2-11d8-9645-0020ed76ef5a)

High Nessus Plugin ID 36683


The remote FreeBSD host is missing a security-related update.


Ulf Harnhammar reports multiple buffer overflows in Emil, some of which are triggered during the parsing of attachment filenames. In addition, some format string bugs are present in the error reporting code.

Depending upon local configuration, these vulnerabilities may be exploited using specially crafted messages in order to execute arbitrary code running with the privileges of the user invoking Emil.


Update the affected package.

See Also

Plugin Details

Severity: High

ID: 36683

File Name: freebsd_pkg_ce46b93a80f211d896450020ed76ef5a.nasl

Version: $Revision: 1.11 $

Type: local

Published: 2009/04/23

Modified: 2016/05/26

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:emil, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2004/03/28

Vulnerability Publication Date: 2004/03/24

Reference Information

CVE: CVE-2004-0152, CVE-2004-0153

DSA: 468