Gentoo: GLSA-200409-01 High: vpopmail SQL Injection and Code Execution
gentoo
September 1, 2004
vpopmail contains several bugs making it vulnerable to several SQL injection exploits as well as one buffer overflow and one format string exploit when using Sybase
Summary
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200409-01
https://security.gentoo.org/
Severity: High
Title: vpopmail: Multiple vulnerabilities
Date: September 01, 2004
Bugs: #60844
ID: 200409-01
Synopsis
=======
vpopmail contains several bugs making it vulnerable to several SQL
injection exploits as well as one buffer overflow and one format
string exploit when using Sybase. This could lead to the execution of
arbitrary code.
Background
=========
vpopmail handles virtual mail domains for qmail and Postfix.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-mail/vpopmail < 5.4.6 >= 5.4.6
==========
vpopmail is vul...Read the Full Advisory
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
Warning: Undefined array key "advisory_info" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3489841_4c9dbbdde36eef04251a4ced7eac4df9 on line 11
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!