[SECURITY] [DLA 113-1] bsd-mailx security update

Package : bsd-mailx Version : 8.1.2-0.20100314cvs-1+deb6u1 CVE ID : CVE-2014-7844 It was discovered that bsd-mailx, an implementation of the "mail" command, had an undocumented feature which treats syntactically valid email addresses as shell commands to execute. Users who need this feature can...

DLA-113-1 bsd-mailx - security update

Bulletin has no description...

Design/Logic Flaw

NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file...

CVE-2006-1587

NetBSD 1.6 up to 3.0, when a user has "set record" in .mailrc with the default umask set, creates the record file with 0644 permissions, which allows local users to read the record file...

CVE-2006-1587

CVE-2006-1587 affects NetBSD 1.6–3.0. When a user has “set record” in .mailrc and the default umask, the created record file has 0644 permissions, allowing local users to read it. The connected documents confirm the vulnerable behavior and impact; no explicit exploitation details or remediation a...

NetBSD mail weak permissions

Record file is created workd-readable if set record is present in .mailrc...