Debian Security Advisory DSA 671-1 (xemacs21) Network Vulnerability

Summary

The remote host is missing an update to xemacs21 announced via advisory DSA 671-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20671-1

Insight

Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail. For the stable distribution (woody) these problems have been fixed in version 21.4.6-8woody2. For the unstable distribution (sid) these problems have been fixed in version 21.4.16-2. We recommend that you upgrade your emacs packages.

Severity

Classification

CVE CVE-2005-0100

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1021-1 (netpbm-free)
Debian Security Advisory DSA 1020-1 (flex)
Debian Security Advisory DSA 100-1 (gzip)
Debian Security Advisory DSA 029-1 (proftpd)
Debian Security Advisory DSA 1039-1 (blender)

Take action and discover your vulnerabilities