Download
| Alert*
oval:org.secpod.oval:def:702351
bsd-mailx: simple mail user agent bsd-mailx could be made to run programs if it parsed a specially crafted email address. oval:org.secpod.oval:def:1500837 Updated mailx packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for eac ... oval:org.secpod.oval:def:1500829 Updated mailx packages that fix two security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are available for eac ... oval:org.secpod.oval:def:203520 The mailx packages contain a mail user agent that is used to manage mail using scripts. A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-cha ... oval:org.secpod.oval:def:26680 The host is installed with Apple Mac OS X or Server 10.10.x through 10.10.4 and is prone to an arbitrary shell command execution vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to execute arbitrary shell commands. oval:org.secpod.oval:def:601877 It was discovered that bsd-mailx, an implementation of the "mail" command, had an undocumented feature which treats syntactically valid email addresses as shell commands to execute. Users who need this feature can re-enable it using the "expandaddr" in an appropriate mailrc file. ... oval:org.secpod.oval:def:601876 Two security vulnerabilities were discovered in Heirloom mailx, an implementation of the "mail" command: CVE-2004-2771 mailx interprets interprets shell meta-characters in certain email addresses. CVE-2014-7844 An unexpected feature of mailx treats syntactically valid email addresses as sh ... oval:org.secpod.oval:def:108239 Mailx is an enhanced mail command, which provides the functionality of the POSIX mailx command, as well as SysV mail and Berkeley Mail . Additionally to the POSIX features, mailx can work with Maildir/ e-mail storage format , supports IMAP, POP3 and SMTP protocols to operate with remote hosts, hand ... oval:org.secpod.oval:def:501474 The mailx packages contain a mail user agent that is used to manage mail using scripts. A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-cha ... oval:org.secpod.oval:def:1200154 A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality. Note: Applications using mailx t ... oval:org.secpod.oval:def:108240 Mailx is an enhanced mail command, which provides the functionality of the POSIX mailx command, as well as SysV mail and Berkeley Mail . Additionally to the POSIX features, mailx can work with Maildir/ e-mail storage format , supports IMAP, POP3 and SMTP protocols to operate with remote hosts, hand ... oval:org.secpod.oval:def:108241 Mailx is an enhanced mail command, which provides the functionality of the POSIX mailx command, as well as SysV mail and Berkeley Mail . Additionally to the POSIX features, mailx can work with Maildir/ e-mail storage format , supports IMAP, POP3 and SMTP protocols to operate with remote hosts, hand ... oval:org.secpod.oval:def:203518 The mailx packages contain a mail user agent that is used to manage mail using scripts. A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-cha ... oval:org.secpod.oval:def:52374 bsd-mailx: simple mail user agent bsd-mailx could be made to run programs if it parsed a specially crafted email address. oval:org.secpod.oval:def:26707 The host is missing a security update according to Apple advisory, APPLE-SA-2015-08-13-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a crafted vectors. Successful exploitation may lead to an unexpected application terminati ... |