A vulnerability has been discovered in the Linux /bin/mail utility. The problem occurs when processing excessive data within the carbon copy field. Due to insufficient bounds checking while parsing this information, it may be possible to trigger a buffer overrun. An attacker could exploit this issue to execute arbitrary commands. It should be noted that local exploitation may be inconsequential; however, a malicious e-mail message or CGI interface could be a sufficient conduit for remote exploitation.
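The kind of bounds check the advisory says is missing when the carbon copy field is parsed, shown as an added example; it is not the /bin/mail source. The names `cc_field`, `cc_append` and `cc_parse` are hypothetical, and the 128-byte buffer size is an assumption, since the advisory does not state the real one.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define CC_FIELD_MAX 128            /* assumed size; the advisory gives none */
struct cc_field {                   /* hypothetical fixed-size Cc buffer */
    char   data[CC_FIELD_MAX];
    size_t used;                    /* bytes stored, excluding the NUL */
};

static void cc_init(struct cc_field *f) { f->data[0] = '\0'; f->used = 0; }
/* Append one address of len bytes; returns -1 and writes nothing if it does not fit. */
static int cc_append(struct cc_field *f, const char *addr, size_t len)
{
    size_t sep  = f->used ? 2 : 0;                   /* ", " between entries */
    size_t room = sizeof f->data - 1 - f->used;      /* keep 1 byte for NUL */
    if (len == 0 || len > room || sep > room - len)
        return -1;
    memcpy(f->data + f->used, ", ", sep);
    memcpy(f->data + f->used + sep, addr, len);
    f->used += sep + len;
    f->data[f->used] = '\0';
    return 0;
}

/* Split a raw comma-separated Cc value; over-long input is rejected whole, not truncated. */
int cc_parse(struct cc_field *f, const char *raw)
{
    cc_init(f);
    while (*raw != '\0') {
        size_t tok, len;
        raw += strspn(raw, " \t,");                  /* skip blanks, commas */
        tok = len = strcspn(raw, ",");
        while (len > 0 && (raw[len - 1] == ' ' || raw[len - 1] == '\t'))
            len--;                                   /* trim trailing blanks */
        if (len > 0 && cc_append(f, raw, len) != 0) {
            cc_init(f);
            return -1;
        }
        raw += tok;
    }
    return 0;
}

int main(void)
{
    struct cc_field f;              /* constructed sample input below */
    printf("%d [%s]\n", cc_parse(&f, "alice@example.com, bob@example.com"), f.data);
    return 0;
}
```

A CGI front end that hands user-supplied Cc values to a mail program can apply the same reject-on-overflow check before the value reaches the utility.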