Executive Summary
| Summary | |
|---|---|
| Title | New ssmtp packages fix format string vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | DSA-485 | First vendor Publication | 2004-04-14 |
| Vendor | Debian | Last vendor Modification | 2004-04-14 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Max Vozeler discovered two format string vulnerabilities in ssmtp, a simple mail transport agent. Untrusted values in the functions die() and log_event() were passed to printf-like functions as format strings. These vulnerabilities could potentially be exploited by a remote mail relay to gain the privileges of the ssmtp process (including potentially root). For the current stable distribution (woody) this problem will be fixed in version 2.50.6.1. For the unstable distribution (sid), this problem will be fixed soon. We recommend that you update your ssmtp package. |
Original Source
| Url : http://www.debian.org/security/2004/dsa-485 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200404-18 (ssmtp) File : nvt/glsa_200404_18.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 485-1 (ssmtp) File : nvt/deb_485_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 5361 | sSMTP log_event Format String sSMTP contains a flaw that may allow a malicious user to gain the privileges of the ssmtp process. The issue is triggered when untrusted values in the functions log_event() is passed to printf-like functions as format strings. It is possible that the flaw may allow remote mail relay to gain the privileges of the ssmtp process resulting in a loss of confidentiality and/or integrity. |
| 5360 | sSMTP die Format String A format string error exists in sSMTP. The program contains a number of format string vulnerabilities which can result in buffer overflows. With a specially crafted request, an attacker can potentially cause execution of code resulting in a loss of integrity. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-485.nasl - Type : ACT_GATHER_INFO |
| 2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200404-18.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:33:14 |
|
