Lucene search
K

9 matches found

OSV
OSV
added 2013/12/07 8:55 p.m.4 views

CVE-2013-4478

Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment...

7.4AI score
Exploits0References8
CVE
CVE
added 2013/12/07 8:0 p.m.65 views

CVE-2013-4478

CVE-2013-4478 affects Sup versions prior to 0.13.2.1 and prior to 0.14.1.1, where remote attackers could execute arbitrary commands via shell metacharacters in the filename of an email attachment. The fixed releases are 0.13.2.1 and 0.14.1.1, per the descriptions in the connected records. Practic...

6.8CVSS7.5AI score0.02138EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2013/12/07 8:0 p.m.32 views

CVE-2013-4478

Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment...

6.8CVSS7.6AI score0.02138EPSS
Exploits1
securityvulns
securityvulns
added 2013/12/01 12:0 a.m.42 views

[SECURITY] [DSA 2805-1] sup-mail security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2805-1 [email protected] http://www.debian.org/security/ Luciano Bello November 27, 2013 http://www.debian.org/security/faq -...

6.8CVSS1.8AI score0.03239EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2013/11/29 12:0 a.m.17 views

Debian DSA-2805-1 : sup-mail - command injection

joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary command if the user opens a maliciously crafted email. - CVE-2013-4478 Sup wrongly handled the filename of attachments. - CVE-2013-4479 Sup did not sanitize the...

6.8CVSS5.5AI score0.03239EPSS
Exploits2References8
Debian
Debian
added 2013/11/27 9:38 p.m.63 views

[SECURITY] [DSA 2805-1] sup-mail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2805-1 [email protected] http://www.debian.org/security/ Luciano Bello November 27, 2013 http://www.debian.org/security/faq -...

6.8CVSS7.2AI score0.03239EPSS
Exploits2
OSV
OSV
added 2013/11/27 12:0 a.m.20 views

DSA-2805-1 sup-mail - remote command injection

Bulletin has no description...

6.8CVSS6AI score0.03239EPSS
Exploits2
OpenVAS
OpenVAS
added 2013/11/27 12:0 a.m.27 views

Debian Security Advisory DSA 2805-1 (sup-mail - command injection)

joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary command if the user opens a maliciously crafted email. CVE-2013-4478 Sup wrongly handled the filename of attachments. CVE-2013-4479 Sup did not sanitize the...

6.8CVSS0.4AI score0.03239EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2013/11/26 12:0 a.m.9 views

Debian: Security Advisory (DSA-2805-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.03239EPSS
Exploits2References3
Rows per page
Query Builder