ISS X-Force Database: metamail-splitmail-subject-bo(15258): Metamail splitmail file Subject header buffer overflow

Metamail splitmail file Subject header buffer overflow

metamail-splitmail-subject-bo (15258)

High Risk

Description:

Metamail is vulnerable to a buffer overflow in the ShareThisHeader function in the splitmail.c file. A remote attacker could create a specially-crafted mail message containing a long Subject header to overflow a buffer and execute arbitrary code on the system with privileges of the user, once the message is opened.

Platforms Affected:

Debian, Debian Linux 3.0
Gentoo, Linux
MandrakeSoft, Mandrake Linux 9.0
MandrakeSoft, Mandrake Linux 9.1
MandrakeSoft, Mandrake Linux 9.1 PPC
MandrakeSoft, Mandrake Linux 9.2 AMD64
MandrakeSoft, Mandrake Linux 9.2
MandrakeSoft, Mandrake Linux Corporate Server 2.1 X86_64
MandrakeSoft, Mandrake Linux Corporate Server 2.1
RedHat, Enterprise Linux 2.1 AW
RedHat, Enterprise Linux 2.1 WS
RedHat, Enterprise Linux 2.1 ES
RedHat, Enterprise Linux 2.1 AS
RedHat, Linux Advanced Workstation 2.1 Itanium
Telcordia Technologies, Metamail 2.7 and prior

Remedy:

For Red Hat Linux:
Upgrade to the latest Metamail package, as listed below. Refer to RHSA-2004:073-05 for more information. See References.

Red Hat Enterprise Linux AS (v. 2.1), Es (v. 2.1), WS (vs. 2.1), and Advanced Workstation 2.1 for the Itanium Processor: 2.7-29 or later

Consequences:

Gain Privileges

References:

BugTraq Mailing List, Wed Feb 18 2004 - 13:40:32 CST, metamail format string bugs and buffer overflows at http://archives.neohapsis.com/archives/bugtraq/2004-02/0502.html.
BID-9692: Metamail Multiple Buffer Overflow/Format String Handling Vulnerabilities
CVE-2004-0105: Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
DSA-449: metamail -- buffer overflow
GLSA-200405-17: Multiple vulnerabilities in metamail
MDKSA-2004:014: Updated metamail packages fix buffer overflow vulnerabilities
RHSA-2004-073: metamail security update
SA10908: Metamail Message Parsing System Compromise Vulnerabilities
US-CERT VU#513062: metamail contains multiple buffer overflow vulnerabilities

Reported:

Feb 18, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page