| Nessus Plugin ID: 21190 | Name: Fedora Core 5 2006-193: sendmail |
| CVE References: CVE-2006-0058 (cve.mitre.org, nvd.nist.gov) |
| SANS/FBI TOP20 Reference: |
| Group/Family: Fedora Local Security Checks |
| Risk: High |
Description: Synopsis :
The remote host is missing a vendor-supplied security patch
Description :
The remote host is missing the patch for the advisory FEDORA-2006-193 (sendmail).
The Sendmail program is a very widely used Mail Transport Agent (MTA).
MTAs send mail from one machine to another. Sendmail is not a client
program, which you use to read your email. Sendmail is a
behind-the-scenes program which actually moves your email over
networks or the Internet to where you want it to go.
If you ever need to reconfigure Sendmail, you will also need to have
the sendmail.cf package installed. If you need documentation on
Sendmail, you can install the sendmail-doc package.
Update Information:
Fixes CVE-2006-0058:
A flaw in the handling of asynchronous signals.
A remote attacker may be able to exploit a race condition to
execute arbitrary code as root.
Solution :
Get the newest Fedora Updates
/ CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
|
| Created: 2007-08-23 03:06:22 | Last Changed: 2010-04-11 00:43:47 |