Detections
Analytics

FreeBSD : mail-notification -- denial-of-service vulnerability (3030ae22-1c7f-11d9-81a4-0050fc56d258)

high Nessus Plugin ID 37433

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Caused by an untested return value, and a resulting NULL pointer dereference, it is possible for an attacker to crash the application.
However, the attacker must first hijack the connection between Mail Notification and the Gmail or IMAP server.

Solution

Update the affected package.

See Also

http://www.nongnu.org/mailnotify/sa/mail-notification-SA-04:2.asc

http://www.nongnu.org/mailnotify/sa/mail-notification-SA-04:3.asc

http://www.nessus.org/u?f138c57e

Plugin Details

Severity: High

ID: 37433

File Name: freebsd_pkg_3030ae221c7f11d981a40050fc56d258.nasl

Version: 1.12

Type: local

Published: 4/23/2009

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mail-notification, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 10/12/2004

Vulnerability Publication Date: 10/6/2004