Debian DSA-248-1 : hypermail - buffer overflows

Ulf Harnhammar discovered two problems in hypermail, a program to create HTML archives of mailing lists. An attacker could craft a long filename for an attachment that would overflow two buffers when a certain option for interactive use was given, opening the possibility to inject arbitrary code...

Hypermail buffer overflows

Hypermail buffer overflows PROGRAM: Hypermail HOMEPAGE: http://www.hypermail.org/ SOURCEFORGE PAGE: http://sourceforge.net/projects/hypermail/ VULNERABLE VERSIONS: 2.1.3, 2.1.4, 2.1.5, possibly others IMMUNE VERSIONS: 2.1.6 DESCRIPTION: "Hypermail 2 is a much enhanced version of the popular tool...