MiracleLinux 7 : procmail-3.22-36.el7.1 (AXSA:2017-2423:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-2423:02 advisory. A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by...

SUSE CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size a different vulnerability than CVE-2014-3618.

...

The vulnerability of the loadbuf function in the Procmail email processing software allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the loadbuf function in the Procmail email processing software arises due to an overflow in the buffer in dynamic memory. Exploiting this vulnerability allows a malicious actor to cause service failures or execute arbitrary code through a specially crafted email message...

procmail: Heap-based buffer overflow in loadbuf function in formisc.c

A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail...

procmail security update

3.22-36.1 - Fixed possible buffer overflow in loadbuf function Resolves: CVE-2017-16844...

procmail Heap Buffer Overflow Vulnerability

procmail is a set of mail management tools. The tool supports filtering and sorting messages, creating mail servers, mailing lists, and more. A heap buffer overflow vulnerability exists in the 'loadbuf' function in the formisc.c file of formail in procmail version 3.22. A remote attacker can...

AZL-6803 CVE-2017-16844 affecting package procmail for versions less than 3.22-53

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

DEBIAN-CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

AZL-36982 CVE-2017-16844 affecting package procmail for versions less than 3.22-53

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

AZL-7332 CVE-2017-16844 affecting package procmail for versions less than 3.22-53

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

MGASA-2017-0392 Updated procmail packages fix security vulnerability

A flaw was found in the loadbuf function in formisc.c. When the buffer is too small, the function tries to resize it, but only by Bsize =128 bytes. This is not necessarily enough and could cause denial of service...

Updated procmail packages fix security vulnerability

A flaw was found in the loadbuf function in formisc.c. When the buffer is too small, the function tries to resize it, but only by Bsize =128 bytes. This is not necessarily enough and could cause denial of service...