Lucene search
K

231 matches found

Tenable Nessus
Tenable Nessus
added 2017/11/22 12:0 a.m.30 views

FreeBSD : procmail -- Heap-based buffer overflow (288f7cee-ced6-11e7-8ae9-0050569f0b83)

MITRE reports : A remote attacker could use a flaw to cause formail to crash, resulting in a denial of service or data loss. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...

10CVSS7.8AI score0.12524EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2017/11/21 1:44 p.m.53 views

USN-3483-2: procmail vulnerability

USN-3483-1 fixed a vulnerability in procmail. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash,...

10CVSS8AI score0.12524EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/11/21 12:0 a.m.27 views

Ubuntu: Security Advisory (USN-3483-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.12524EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/11/21 12:0 a.m.20 views

Ubuntu 14.04 LTS / 16.04 LTS : procmail vulnerability (USN-3483-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3483-1 advisory. Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to...

10CVSS8.1AI score0.12524EPSS
Exploits0References2
OSV
OSV
added 2017/11/20 6:0 p.m.4 views

USN-3483-1 procmail vulnerability

Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code...

10CVSS7.2AI score0.12524EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2017/11/20 6:0 p.m.65 views

USN-3483-1: procmail vulnerability

Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code...

10CVSS8AI score0.12524EPSS
Exploits0
CNVD
CNVD
added 2017/11/20 12:0 a.m.0 views

procmail Heap Buffer Overflow Vulnerability

procmail is a set of mail management tools. The tool supports filtering and sorting messages, creating mail servers, mailing lists, and more. A heap buffer overflow vulnerability exists in the 'loadbuf' function in the formisc.c file of formail in procmail version 3.22. A remote attacker can...

10CVSS7.2AI score0.12524EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/11/20 12:0 a.m.39 views

Debian DLA-1173-1 : procmail security update

It was discovered that there was a heap-based buffer overflow in procmail, a tool used to sort incoming mail into various directories and filter out spam messages. For Debian 7 'Wheezy', this issue has been fixed in procmail version 3.22-20+deb7u2. We recommend that you upgrade your procmail...

10CVSS7.9AI score0.12524EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/11/20 12:0 a.m.25 views

Debian DSA-4041-1 : procmail - security update

Jakub Wilk reported a heap-based buffer overflow vulnerability in procmail's formail utility when processing specially crafted email headers. A remote attacker could use this flaw to cause formail to crash, resulting in a denial of service or data loss. %NASLMINLEVEL 70300 C Tenable Network...

10CVSS8AI score0.12524EPSS
Exploits0References6
Debian
Debian
added 2017/11/19 8:55 a.m.25 views

[SECURITY] [DSA 4041-1] procmail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4041-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2017 https://www.debian.org/security/faq -...

10CVSS1.6AI score0.12524EPSS
Exploits0
Debian
Debian
added 2017/11/19 8:55 a.m.32 views

[SECURITY] [DSA 4041-1] procmail security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4041-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 19, 2017 https://www.debian.org/security/faq -...

10CVSS9.6AI score0.12524EPSS
Exploits0
OSV
OSV
added 2017/11/19 12:0 a.m.17 views

DSA-4041-1 procmail - security update

Bulletin has no description...

10CVSS9.4AI score0.12524EPSS
Exploits0
Debian
Debian
added 2017/11/18 1:13 a.m.27 views

[SECURITY] [DLA 1173-1] procmail security update

Package : procmail Version : 3.22-20+deb7u2 CVE ID : CVE-2017-16844 Debian Bug : 876511 It was discovered that there was a heap-based buffer overflow in procmail, a tool used to sort incoming mail into various directories and filter out spam messages. For Debian 7 "Wheezy", this issue has been...

10CVSS9.8AI score0.12524EPSS
Exploits0
OSV
OSV
added 2017/11/18 12:0 a.m.16 views

DLA-1173-1 procmail - security update

Bulletin has no description...

10CVSS9.4AI score0.12524EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/11/18 12:0 a.m.45 views

Debian: Security Advisory (DSA-4041-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.12524EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2017/11/16 4:19 p.m.18 views

CVE-2017-16844

A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail...

10CVSS5.1AI score0.12524EPSS
Exploits0References1
Prion
Prion
added 2017/11/16 3:29 p.m.18 views

Heap overflow

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

10CVSS9.8AI score0.12524EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2017/11/16 3:29 p.m.12 views

CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

10CVSS8.4AI score0.12524EPSS
Exploits0References5
OSV
OSV
added 2017/11/16 3:29 p.m.3 views

CVE-2017-16844

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

9.8CVSS9.9AI score
Exploits0References5
OSV
OSV
added 2017/11/16 3:29 p.m.8 views

AZL-6803 CVE-2017-16844 affecting package procmail for versions less than 3.22-53

Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted e-mail message because of a hardcoded realloc size, a different vulnerability than...

9.8CVSS7.9AI score0.12524EPSS
Exploits0References1
Rows per page
Query Builder