Secunia Security Advisory - Slackware has issued an update for fetchmail. This fixes some vulnerabilities, which can be exploited by malicious, local users to gain knowledge of certain sensitive information and by malicious people to cause a DoS (Denial of Service).
0373bc42199f34d908777d03fee2560716505de955a04b0027ab9730de9adbae
TITLE:
Slackware update for fetchmail
SECUNIA ADVISORY ID:
SA18895
VERIFY ADVISORY:
http://secunia.com/advisories/18895/
CRITICAL:
Moderately critical
IMPACT:
Exposure of sensitive information, DoS
WHERE:
>From remote
OPERATING SYSTEM:
Slackware Linux 9.1
http://secunia.com/product/2265/
Slackware Linux 9.0
http://secunia.com/product/1336/
Slackware Linux 8.x
http://secunia.com/product/146/
Slackware Linux 10.0
http://secunia.com/product/4368/
DESCRIPTION:
Slackware has issued an update for fetchmail. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
gain knowledge of certain sensitive information and by malicious
people to cause a DoS (Denial of Service).
For more information:
SA18571
SA17891
SA17293
SOLUTION:
Apply updated packages.
Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/fetchmail-6.3.2-i386-1.tgz
Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/fetchmail-6.3.2-i386-1.tgz
Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/fetchmail-6.3.2-i486-1.tgz
Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/fetchmail-6.3.2-i486-1.tgz
ORIGINAL ADVISORY:
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.443499
OTHER REFERENCES:
SA18571:
http://secunia.com/advisories/18571/
SA17891:
http://secunia.com/advisories/17891/
SA17293:
http://secunia.com/advisories/17293/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------