9 matches found
CVE-2013-4478
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment...
CVE-2013-4478
CVE-2013-4478 affects Sup versions prior to 0.13.2.1 and prior to 0.14.1.1, where remote attackers could execute arbitrary commands via shell metacharacters in the filename of an email attachment. The fixed releases are 0.13.2.1 and 0.14.1.1, per the descriptions in the connected records. Practic...
CVE-2013-4478
Sup before 0.13.2.1 and 0.14.x before 0.14.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an email attachment...
[SECURITY] [DSA 2805-1] sup-mail security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2805-1 [email protected] http://www.debian.org/security/ Luciano Bello November 27, 2013 http://www.debian.org/security/faq -...
Debian DSA-2805-1 : sup-mail - command injection
joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary command if the user opens a maliciously crafted email. - CVE-2013-4478 Sup wrongly handled the filename of attachments. - CVE-2013-4479 Sup did not sanitize the...
[SECURITY] [DSA 2805-1] sup-mail security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2805-1 [email protected] http://www.debian.org/security/ Luciano Bello November 27, 2013 http://www.debian.org/security/faq -...
DSA-2805-1 sup-mail - remote command injection
Bulletin has no description...
Debian Security Advisory DSA 2805-1 (sup-mail - command injection)
joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary command if the user opens a maliciously crafted email. CVE-2013-4478 Sup wrongly handled the filename of attachments. CVE-2013-4479 Sup did not sanitize the...
Debian: Security Advisory (DSA-2805-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...