[Bug 278978] [NEW] [CVE-2008-3962] allow remote attackers to obtain sensitive information
Launchpad Bug Tracker
278978 at bugs.launchpad.net
Tue Oct 7 15:35:30 BST 2008
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Stefan Ebner (sebner):
Binary package hint: ssmtp
The from_format function in ssmtp.c in ssmtp 2.61 and 2.62, in certain
configurations, uses uninitialized memory for the From: field of an
e-mail message, which might allow remote attackers to obtain sensitive
information (memory contents) in opportunistic circumstances by reading
a message.
This fix was already applied in Debian.
** Affects: ssmtp (Ubuntu)
Importance: Undecided
Status: Confirmed
** Affects: ssmtp (Debian)
Importance: Unknown
Status: Fix Released
--
[CVE-2008-3962] allow remote attackers to obtain sensitive information
https://bugs.edge.launchpad.net/bugs/278978
You received this bug notification because you are a member of Ubuntu Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list