Netzwerk Sicherheits Prüfungen / Anfälligkeitsfeststellung von SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory                         MDKSA-2007:179
http://www.mandriva.com/security/
_______________________________________________________________________

Package : fetchmail
Date    : September 11, 2007
Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A vulnerability in fetchmail was found where it could crash when
attempting to deliver an internal warning or error message through an
untrusted or compromised SMTP server, leading to a denial of service.

Updated packages have been patched to prevent these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4565
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
ec4f5dea69e44968c18ed13aec63fbc4  2007.0/i586/fetchmail-6.3.4-3.3mdv2007.0.i586.rpm
6714594d428e0e2e0ed3e677c7813fda  2007.0/i586/fetchmail-daemon-6.3.4-3.3mdv2007.0.i586.rpm
4d2fbbf2de3d9204647f5a3cd7991e56  2007.0/i586/fetchmailconf-6.3.4-3.3mdv2007.0.i586.rpm
47b05bee8f922fe043863399cad72818  2007.0/SRPMS/fetchmail-6.3.4-3.3mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
1bd5250e46911f1c58e29d99c3ca7b70  2007.0/x86_64/fetchmail-6.3.4-3.3mdv2007.0.x86_64.rpm
3f9aefbedfdc5dcd888c77314827eb41  2007.0/x86_64/fetchmail-daemon-6.3.4-3.3mdv2007.0.x86_64.rpm
899116e39b78dc4184c4f4a1a8d839ff  2007.0/x86_64/fetchmailconf-6.3.4-3.3mdv2007.0.x86_64.rpm
47b05bee8f922fe043863399cad72818  2007.0/SRPMS/fetchmail-6.3.4-3.3mdv2007.0.src.rpm

Mandriva Linux 2007.1:
01a5cdfd3329fc919b76bbbd955f1765  2007.1/i586/fetchmail-6.3.6-1.2mdv2007.1.i586.rpm
cdc7413cca7f26b5f10a2ade1412f05e  2007.1/i586/fetchmail-daemon-6.3.6-1.2mdv2007.1.i586.rpm
01de767500146bb7f00e5282267cc348  2007.1/i586/fetchmailconf-6.3.6-1.2mdv2007.1.i586.rpm
36ae6d7fa6fd77a2925e5ac64e7a0394  2007.1/SRPMS/fetchmail-6.3.6-1.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
3a5fd389cb5ab9d3e66772df25a5d081  2007.1/x86_64/fetchmail-6.3.6-1.2mdv2007.1.x86_64.rpm
a9ea49f814c8305ad5b845d5afd11db2  2007.1/x86_64/fetchmail-daemon-6.3.6-1.2mdv2007.1.x86_64.rpm
20cd90c65804e6272fdf8f95586799e4  2007.1/x86_64/fetchmailconf-6.3.6-1.2mdv2007.1.x86_64.rpm
36ae6d7fa6fd77a2925e5ac64e7a0394  2007.1/SRPMS/fetchmail-6.3.6-1.2mdv2007.1.src.rpm

Corporate 3.0:
c467b462473a61160ef0f00a1fae355e  corporate/3.0/i586/fetchmail-6.2.5-3.6.C30mdk.i586.rpm
781126a4db0c738eac5cdd9ec8cc5981  corporate/3.0/i586/fetchmail-daemon-6.2.5-3.6.C30mdk.i586.rpm
ae3874e52845214fb1bf7eecdc6abf84  corporate/3.0/i586/fetchmailconf-6.2.5-3.6.C30mdk.i586.rpm
230cbc53c8bbba90c486708fff76abea  corporate/3.0/SRPMS/fetchmail-6.2.5-3.6.C30mdk.src.rpm

Corporate 3.0/X86_64:
eb699fd754ebd4946bfe7c026f6f2e42  corporate/3.0/x86_64/fetchmail-6.2.5-3.6.C30mdk.x86_64.rpm
e7ecb2da9c3d73f3b0a5cebf13930f7e  corporate/3.0/x86_64/fetchmail-daemon-6.2.5-3.6.C30mdk.x86_64.rpm
b6bfcbc53aabb69d1c07d0fb0a8afed8  corporate/3.0/x86_64/fetchmailconf-6.2.5-3.6.C30mdk.x86_64.rpm
230cbc53c8bbba90c486708fff76abea  corporate/3.0/SRPMS/fetchmail-6.2.5-3.6.C30mdk.src.rpm

Corporate 4.0:
81cfe01e0da3ca09cf7c4ac39bdf48d1  corporate/4.0/i586/fetchmail-6.2.5-11.5.20060mlcs4.i586.rpm
40b38bce6f851cf3165b0e8a8f5f3c50  corporate/4.0/i586/fetchmail-daemon-6.2.5-11.5.20060mlcs4.i586.rpm
d7c94a1d6e803c00e5c05f0aa0efc477  corporate/4.0/i586/fetchmailconf-6.2.5-11.5.20060mlcs4.i586.rpm
3efc2789b3ea0582b5c6ec70d65ddff5  corporate/4.0/SRPMS/fetchmail-6.2.5-11.5.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
58c9d8daa4ba5a11b96b4373d9f2b45c  corporate/4.0/x86_64/fetchmail-6.2.5-11.5.20060mlcs4.x86_64.rpm
a9e54ac1f2a56a0ceca4663e1b970201  corporate/4.0/x86_64/fetchmail-daemon-6.2.5-11.5.20060mlcs4.x86_64.rpm
de9f1acd42b3a445e9fe8c74b4b90094  corporate/4.0/x86_64/fetchmailconf-6.2.5-11.5.20060mlcs4.x86_64.rpm
3efc2789b3ea0582b5c6ec70d65ddff5  corporate/4.0/SRPMS/fetchmail-6.2.5-11.5.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi.  The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security.  You can obtain the
GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFG5xcEmqjQ0CJFipgRAsETAKDn3WWSRn/oCB2e9x5/hVgk9r0fHACfVGKa
vFZk/FEGzn9cd9fFHScSRkA=
=+l52
-----END PGP SIGNATURE-----