Home-›Foren-›Pegasus Mail-›Sicherheitsleck in Pegasus Mail 4.2x bis 4.3 PB1
Es ist ein Sicherheitsleck in Pegasus Mail aufgetaucht, durch das ein Angreifer eigenen Code auf einem fremden Rechner ausführen könnte.
Betroffen sind alle Versionen ab 4.2 bis 4.3 Pre Beta 1.
Das Update auf die aktuelle Version 4.31 (http://www.pmail.com/downloads_de_t.htm) bis zum 28.12.05 wird empfohlen.
Die Meldung im Original:
December 2005 – Secunia advises of exploits against Pegasus Mail v4.21 Secunia Research, a Denmark-based security analysis firm, has discovered two potentially exploitable bugs in the Pegasus Mail v4.2 version family and the Pegasus Mail v4.3 public beta. One of the exploits is largely harmless, but the other is quite serious, and can potentially result in unauthorised code being run on your computer if you download a specially-malformed message via POP3. These exploits have been corrected in the full release of Pegasus Mail v4.3, and versions earlier than v4.2 are not subject to them – in other words, you can only be affected by these exploits if you are running Pegasus Mail v4.21a, b or c, or v4.3pb1. Secunia will be making information about these exploits public on December 28th – if you are running Pegasus Mail v4.2 or the Pegasus Mail v4.3 public beta, we strongly advise you to consider upgrading prior to that time.
[Editiert am 21/12/2005 von Pegasus]
Das Thema ‘Sicherheitsleck in Pegasus Mail 4.2x bis 4.3 PB1’ ist für neue Antworten geschlossen.