Search criteria

2 vulnerabilities by bsd_mailx_project

CVE-2014-7844 (GCVE-0-2014-7844)

Vulnerability from cvelistv5 – Published: 2020-01-14 16:13 – Updated: 2024-08-06 13:03
VLAI?
Summary
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
Severity ?
No CVSS data available.
CWE
  • Metacharacters
Assigner
References
Impacted products
Vendor Product Version
BSD mailx Affected: 8.1.2 and earlier
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T13:03:27.517Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2014/q4/1066"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3104"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3105"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "mailx",
          "vendor": "BSD",
          "versions": [
            {
              "status": "affected",
              "version": "8.1.2 and earlier"
            }
          ]
        }
      ],
      "datePublic": "2004-10-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Metacharacters",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-14T16:13:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://seclists.org/oss-sec/2014/q4/1066"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3104"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3105"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2014-7844",
    "datePublished": "2020-01-14T16:13:01",
    "dateReserved": "2014-10-03T00:00:00",
    "dateUpdated": "2024-08-06T13:03:27.517Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2004-2771 (GCVE-0-2004-2771)

Vulnerability from cvelistv5 – Published: 2014-12-24 18:00 – Updated: 2024-08-08 01:36
VLAI?
Summary
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://linux.oracle.com/errata/ELSA-2014-1999.html x_refsource_CONFIRM
http://www.debian.org/security/2014/dsa-3105 vendor-advisoryx_refsource_DEBIAN
http://secunia.com/advisories/61693 third-party-advisoryx_refsource_SECUNIA
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug… x_refsource_CONFIRM
http://seclists.org/oss-sec/2014/q4/1066 mailing-listx_refsource_MLIST
http://secunia.com/advisories/60940 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/61585 third-party-advisoryx_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2014-1999.html vendor-advisoryx_refsource_REDHAT
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:36:25.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
          },
          {
            "name": "DSA-3105",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-3105"
          },
          {
            "name": "61693",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61693"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748"
          },
          {
            "name": "[oss-security] 20141216 mailx issues (CVE-2004-2771, CVE-2014-7844)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://seclists.org/oss-sec/2014/q4/1066"
          },
          {
            "name": "60940",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60940"
          },
          {
            "name": "61585",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/61585"
          },
          {
            "name": "RHSA-2014:1999",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-10-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-12-24T17:57:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
        },
        {
          "name": "DSA-3105",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-3105"
        },
        {
          "name": "61693",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61693"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748"
        },
        {
          "name": "[oss-security] 20141216 mailx issues (CVE-2004-2771, CVE-2014-7844)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://seclists.org/oss-sec/2014/q4/1066"
        },
        {
          "name": "60940",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60940"
        },
        {
          "name": "61585",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/61585"
        },
        {
          "name": "RHSA-2014:1999",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2004-2771",
    "datePublished": "2014-12-24T18:00:00",
    "dateReserved": "2012-01-04T00:00:00",
    "dateUpdated": "2024-08-08T01:36:25.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}