MiracleLinux 3 : procmail-3.22-17.1.2.0.1 (AXSA:2014-528:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-528:01 advisory. Description: Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files real convenient when subscribing ...

MiracleLinux 7 : procmail-3.22-36.el7.1 (AXSA:2017-2423:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-2423:02 advisory. A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by...

CBL Mariner 2.0 Security Update: procmail (CVE-2017-16844)

The version of procmail installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2017-16844 advisory. - Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote...

SUSE CVE-2014-3618

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."...

SUSE CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header related to "unbalanced quotes."

...

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size a different vulnerability than CVE-2014-3618.

...

NewStart CGSL MAIN 5.04 : procmail Vulnerability (NS-SA-2019-0005)

The remote NewStart CGSL host, running version MAIN 5.04, has procmail packages installed that are affected by a vulnerability: - A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, coul...

Amazon Linux AMI : procmail (ALAS-2018-1084)

A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail.CVE-2017-16844 C Tenable Network Securit...

Important: procmail

Issue Overview: A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail.CVE-2017-16844 Affected...

CentOS Update for procmail CESA-2017:3269 centos7

Check the version of procmail SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882806";...

RedHat Update for procmail RHSA-2017:3269-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[ASA-201711-39] procmail: arbitrary code execution

Arch Linux Security Advisory ASA-201711-39 ========================================== Severity: Critical Date : 2017-11-30 CVE-ID : CVE-2017-16844 Package : procmail Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-515 Summary ======= The package procmail...

Scientific Linux Security Update : procmail on SL7.x x86_64 (20171129)

Security Fixes : - A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail. CVE-2017-16844...

procmail: Heap-based buffer overflow in loadbuf function in formisc.c

A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail...

Important: Red Hat Security Advisory: procmail security update

An update for procmail is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

USN-3483-2: procmail vulnerability

USN-3483-1 fixed a vulnerability in procmail. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash,...

USN-3483-1 procmail vulnerability

Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code...

Debian DSA-4041-1 : procmail - security update

Jakub Wilk reported a heap-based buffer overflow vulnerability in procmail's formail utility when processing specially crafted email headers. A remote attacker could use this flaw to cause formail to crash, resulting in a denial of service or data loss. %NASLMINLEVEL 70300 C Tenable Network...

[SECURITY] [DSA 4041-1] procmail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4041-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2017 https://www.debian.org/security/faq -...