Mageia Linux Local Check: mgasa-2015-0400

Published: 2015-10-15 03:54:50
CVE Author: NIST National Vulnerability Database (NVD)

Technical Details:
Multiple security issues in the DBMail driver for the password plugin, including buffer overflows (CVE-2015-2181) and the ability for a remote attacker to execute arbitrary shell commands as root (CVE-2015-2180). An authenticated user can download arbitrary files from the web server that the web server process has read access to, by uploading a vCard with a specially crafted POST (CVE-2015-5382). The roundcubemail Linux Distribution Package has been updated to version 1.0.6, fixing these issues and several other bugs, however the installer is currently known to be broken.

Update the affected Linux Distribution Packages to the latest available version.

Solution Type:
Vendor Patch

CVSS Base Vector:

Detection Type:
Linux Distribution Package

Mageia Linux Local Security Checks mgasa-2015-0400

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)


CVSS Score

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.