Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Gentoo: GLSA 200611-15 High: qmailAdmin Buffer Overflow Risk

gentoo
Calendar Grey November 21, 2006
Dist Gentoo Esm H88
Important Gentoo notification regarding qmailAdmin: please update to mitigate risks of remote code execution stemming from buffer overflow vulnerabilities.
qmailAdmin is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.

Summary

Gentoo Linux Security Advisory GLSA 200611-15 https://security.gentoo.org/ Severity: High Title: qmailAdmin: Buffer overflow Date: November 21, 2006 Bugs: #153896 ID: 200611-15

Synopsis ======= qmailAdmin is vulnerable to a buffer overflow that could lead to the remote execution of arbitrary code.
Background ========= qmailAdmin is a free software package that provides a web interface for managing a qmail system with virtual domains.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-mail/qmailadmin < 1.2.10 >= 1.2.10
========== qmailAdmin fails to properly handle the "PATH_INFO" variable in qmailadmin.c. The PATH_INFO is a standard CGI environment variable...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround