aru Posted February 23, 2006 Report Share Posted February 23, 2006 Mandriva Advisories MDKSA-2006:047 : metamail Updated metamail packages fix vulnerability February 22nd, 2006 Ulf Harnhammar discovered a buffer overflow vulnerability in the way that metamail handles certain mail messages.An attacker could create a carefully-crafted message that, when parsed via metamail, could execute arbitrary code with the privileges of the user running metamail. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:047 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0709 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts