metamail -- buffer overflow, format string bugs

ID DSA-449
Type debian
Reporter Debian
Modified 2004-02-24T00:00:00


Ulf Härnhammar discovered two format string bugs (CAN-2004-0104) and two buffer overflow bugs (CAN-2004-0105) in metamail, an implementation of MIME. An attacker could create a carefully-crafted mail message which will execute arbitrary code as the victim when it is opened and parsed through metamail.

We have been devoting some effort to trying to avoid shipping metamail in the future. It became unmaintainable and these are probably not the last of the vulnerabilities.

For the stable distribution (woody) these problems have been fixed in version 2.7-45woody.2.

For the unstable distribution (sid) these problems will be fixed in version 2.7-45.2.

We recommend that you upgrade your metamail package.