Gentoo Linux Security Advisory 201804-6 - Multiple vulnerabilities were discovered in mailx, the worst of which may allow a remote attacker to execute arbitrary commands. Versions less than 8.1.2.20160123 are affected.
a5df72a482dd10b2fa363784319a3be3dcd1a6afdb5686f7c8dc9a29a2541152Slackware Security Advisory - New mailx packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
7c91a7b7cd14403f1eb73d918150d4cfab9191c3695907b12ea5513ad4214e16Mandriva Linux Security Advisory 2015-011 - A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality.
45862ddf8d02a45eb593c9aa3796b231b6204a70b54fdae6d3551fefb467715cRed Hat Security Advisory 2014-1999-01 - The mailx packages contain a mail user agent that is used to manage mail using scripts. A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality. Note: Applications using mailx to send email to addresses obtained from untrusted sources will still remain vulnerable to other attacks if they accept email addresses which start with "-". To counteract this issue, this update also introduces the "--" option, which will treat the remaining command line arguments as email addresses.
550a292aa61b5f7a074e345298a0cd0059f2754363fdcbd0de30b1f3ff6b3bc4Debian Linux Security Advisory 3105-1 - Two security vulnerabilities were discovered in Heirloom mailx, an implementation of the "mail" command.
3276ccbb50391322547e01d57c1b7e9bacbeee3a02b4097917699734e69e42da
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed