Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 486
Alerts This Week
Warning Icon 1 486

Gentoo: 200405-17 Alert - Metamail Vulnerability for Code Execution

gentoo
Calendar Grey May 21, 2004
Dist Gentoo Esm H88
Uncover the critical security flaws found in Metamail on Gentoo; essential update guidelines provided.
Several format string bugs and buffer overflows were discovered in metamail, potentially allowing execution of arbitrary code remotely.

Summary

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory                           GLSA 200405-17
                                            https://security.gentoo.org/

Severity: High Title: Multiple vulnerabilities in metamail Date: May 21, 2004 Bugs: #42133 ID: 200405-17

Synopsis ======= Several format string bugs and buffer overflows were discovered in metamail, potentially allowing execution of arbitrary code remotely.
Background ========= Metamail is a program that decodes MIME encoded mail. It is therefore often automatically called when an email is received or read.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/metamail < 2.7.45.3 >= 2.7.45.3
========== Ulf Harnhammar found two format stri...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround