Updated nail package fixes security vulnerabilities
Publication date: 19 Dec 2014Modification date: 19 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2004-2771 , CVE-2014-7844
Description
Updated nail package fixes security vulnerabilities: A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality (CVE-2004-2771, CVE-2014-7844).
References
SRPMS
4/core
- nail-12.4-9.1.mga4