No-Brainer SMTP Client Log_Msg() Remote Format String Vulnerability

No-Brainer SMTP Client Log_Msg() Remote Format String Vulnerability

Solution:
The vendor has released version 1.0 of the package to address this vulnerability.

Gentoo has released security advisory GLSA 200508-03 addressing this issue. Gentoo recommends all nbSMTP users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-mta/nbsmtp-1.0"

nbSMTP nbSMTP 0.8

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.9

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.91

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.92

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.93

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.94

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.95

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.96

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.97

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

nbSMTP nbSMTP 0.98

nbSMTP nbsmtp-1.00.tar.gz
http://www.gentoo-es.org/~ferdy/nbsmtp-1.00.tar.gz

Privacy Statement
Copyright 2010, SecurityFocus