Bug 37371 - bsd-mailx: Command injection (ES 3.1)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.0
Other Linux
Importance: P5 normal
Target Milestone: UCS 3.1-ES
Assigned To: Philipp Hahn
QA Contact: Arvid Requate
Depends on:
Blocks:
Reported: 2014-12-17 09:04 CET by Moritz Muehlenhoff
Modified: 2016-06-20 17:41 CEST
CC: 1 user

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments: none listed
Description Moritz Muehlenhoff univentionstaff 2014-12-17 09:04:37 CET
An undocumented feature in mailx (the implementation of the mail command) allows the execution of arbitrary commands if the email address is obtained from a remote source (CVE-2014-7844).
Comment 1 Stefan Gohmann univentionstaff 2016-05-19 10:01:53 CEST
I think it was fixed upstream and we can import the package:
  https://security-tracker.debian.org/tracker/DLA-113-1
Comment 2 Philipp Hahn univentionstaff 2016-05-25 13:28:44 CEST
repo_admin.py --cherrypick -p bsd-mailx -r 3.2 -s errata3.2-4 --releasedest 3.1 --dest extsec3.1 # 8.1.2-0.20100314cvs-1+deb6u1

Package: bsd-mailx
Version: 8.1.2-0.20100314cvs-1.10.201605251209
Branch: ucs_3.1-0
Scope: extsec3.1

r69528 | Bug #37371: bsd-mailx
 branches/ucs-3.1/ucs-3.1-1/doc/errata/staging/bsd-mailx.txt
Comment 3 Arvid Requate univentionstaff 2016-06-08 18:54:13 CEST
* Imported version is the latest in squeeze-lts
* There are no additional known vulnerabilities
* Package is updatable and sending mail via /usr/sbin/mail (bsd-mailx) works
* Advisory Ok
Comment 4 Janek Walkenhorst univentionstaff 2016-06-20 17:41:55 CEST
<http://errata.software-univention.de/ucs/3.1/284.html>