32 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-7844
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. CVE-2014-7844 Note that Nessus relies on the...
SUSE: Security Advisory (SUSE-SU-2014:1696-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...
CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...
CVE-2014-7844
CVE-2014-7844 affects BSD mailx 8.1.2 and earlier and Heirloom mailx 12.5 and earlier. Root cause: the expand function (fio.c) allows shell meta-characters in an email address to trigger remote command execution. Impact: remote attacker could execute arbitrary commands with the privileges of the ...
CVE-2014-7844
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address...
F5 Networks BIG-IP : Mailx vulnerabilities (K16945)
CVE-2014-7844 The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell meta characters in an email address. CVE-2004-2771 A flaw was found in the way mailx handled the parsing of email addresses...
Amazon Linux: Security Advisory (ALAS-2015-467)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-114-1 : heirloom-mailx security update
Two security vulnerabilities were discovered in Heirloom mailx, an implementation of the 'mail' command : CVE-2004-2771 mailx interprets interprets shell meta-characters in certain email addresses. CVE-2014-7844 An unexpected feature of mailx treats syntactically valid email addresses as shell...
Mandriva Linux Security Advisory : nail (MDVSA-2015:011)
Updated nail package fixes security vulnerabilities : A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command...
Medium: mailx
Issue Overview: A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality. CVE-2004-2771...
Fedora 19 : mailx-12.5-9.fc19 (2014-17277)
Security fix for CVE-2004-2771, CVE-2014-7844 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 21 : mailx-12.5-14.fc21 (2014-17243)
Security fix for CVE-2004-2771, CVE-2014-7844 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 20 : mailx-12.5-11.fc20 (2014-17245)
Security fix for CVE-2004-2771, CVE-2014-7844 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora Update for mailx FEDORA-2014-17277
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : mailx (openSUSE-SU-2014:1713-1)
This mailx update fixes the following security issue : bsc909208: shell command injection via crafted email addresses CVE-2004-2771, CVE-2014-7844 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Upda...
SuSE 11.3 Security Update : mailx (SAT Patch Number 10096)
This mailx update fixes the following security issues : - Shell command injection via crafted email addresses. CVE-2004-2771 / CVE-2014-7844. bnc909208 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update...
[SECURITY] [DSA 3104-1] bsd-mailx security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3104-1 [email protected] http://www.debian.org/security/ Florian Weimer December 16, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3105-1] heirloom-mailx security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3105-1 [email protected] http://www.debian.org/security/ Florian Weimer December 16, 2014 http://www.debian.org/security/faq -...
Updated nail package fixes security vulnerabilities
Updated nail package fixes security vulnerabilities: A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command...