SCIENTIFIC-LINUX-ERRATA Archives

December 2014

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: mailx on SL6.x, SL7.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Tue, 16 Dec 2014 21:27:26 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (35 lines) 
Synopsis:          Moderate: mailx security update
Advisory ID:       SLSA-2014:1999-1
Issue Date:        2014-12-16
CVE Numbers:       CVE-2004-2771
                   CVE-2014-7844
--

A flaw was found in the way mailx handled the parsing of email addresses.
A syntactically valid email address could allow a local attacker to cause
mailx to execute arbitrary shell commands through shell meta-characters
and the direct command execution functionality. (CVE-2004-2771,
CVE-2014-7844)

Note: Applications using mailx to send email to addresses obtained from
untrusted sources will still remain vulnerable to other attacks if they
accept email addresses which start with "-" (so that they can be confused
with mailx options). To counteract this issue, this update also introduces
the "--" option, which will treat the remaining command line arguments as
email addresses.
--

SL6
  x86_64
    mailx-12.4-8.el6_6.x86_64.rpm
    mailx-debuginfo-12.4-8.el6_6.x86_64.rpm
  i386
    mailx-12.4-8.el6_6.i686.rpm
    mailx-debuginfo-12.4-8.el6_6.i686.rpm
SL7
  x86_64
    mailx-12.5-12.el7_0.x86_64.rpm
    mailx-debuginfo-12.5-12.el7_0.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2