Published: 24/12/2014 Updated: 13/02/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The expand function in fio.c in Heirloom mailx 12.5 and previous versions and BSD mailx 8.1.2 and previous versions allows remote malicious users to execute arbitrary commands via shell metacharacters in an email address.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle linux 6
oracle linux 7
redhat enterprise linux 7.0
redhat enterprise linux 6.0
bsd mailx project bsd mailx
heirloom mailx

Synopsis Moderate: mailx security update Type/Severity Security Advisory: Moderate Topic Updated mailx packages that fix two security issues are now available forRed Hat Enterprise Linux 6 and 7Red Hat Product Security has rated this update as having Moderate securityimpact Common Vulnerability Scoring Sy ...

Debian Bug report logs - #773417 heirloom-mailx: CVE-2004-2771 CVE-2014-7844 Package: src:heirloom-mailx; Maintainer for src:heirloom-mailx is Hilko Bengen <bengen@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 18 Dec 2014 07:42:02 UTC Severity: grave Tags: security, upstream Found in ...

It was discovered that bsd-mailx, an implementation of the mail command, had an undocumented feature which treats syntactically valid email addresses as shell commands to execute Users who need this feature can re-enable it using the expandaddr in an appropriate mailrc file This update also removes the obsolete -T option An older security vulner ...

Two security vulnerabilities were discovered in Heirloom mailx, an implementation of the mail command: CVE-2004-2771 mailx interprets shell meta-characters in certain email addresses CVE-2014-7844 An unexpected feature of mailx treats syntactically valid email addresses as shell commands to execute Shell command execution can be ...

A flaw was found in the way mailx handled the parsing of email addresses A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality (CVE-2004-2771, CVE-2014-7844) Note: Applications using mailx to send email to add ...

A flaw was found in the way mailx handled the parsing of email addresses A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters (CVE-2004-2771) and the direct command execution functionality (CVE-2014-7844) ...

The nail project was renamed "heirloom-mailx" and then seemed to die. This is that code.

heirloom-mailx This is version 124 of "heirloom-mailx" History The mailx program began at Berkely around 1978 The BSD version continued to be updated until 1993 That code was later forked (around the year 2000) into the nail project, which added first the MIME changes to email from the 1990s and then additional features like reading remote mail stores (POP and IMAP

CWE-20 http://secunia.com/advisories/61585 http://secunia.com/advisories/60940 http://secunia.com/advisories/61693 http://www.debian.org/security/2014/dsa-3105 http://seclists.org/oss-sec/2014/q4/1066 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748 http://rhn.redhat.com/errata/RHSA-2014-1999.html http://linux.oracle.com/errata/ELSA-2014-1999.html https://access.redhat.com/errata/RHSA-2014:1999 https://nvd.nist.gov https://github.com/Eli-the-Bearded/heirloom-mailx https://access.redhat.com/security/cve/cve-2004-2771 https://www.debian.org/security/./dsa-3104

CVE-2004-2771

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect