Metamail header format string
| metamail-printheader-format-string (15259) |  High Risk |
Description:
Metamail is vulnerable to a format string attack, caused by a vulnerability in the PrintHeader function in the metamail.c file. A remote attacker could create a specially-crafted mail message containing encoded non-ASCII characters and format specifiers to execute arbitrary code on the system with privileges of the user, once the message is opened.
Consequences:
Gain Privileges
Remedy:
For Red Hat Linux:
Upgrade to the latest Metamail package, as listed below. Refer to RHSA-2004:073-05 for more information. See References.
Red Hat Enterprise Linux AS (v. 2.1), Es (v. 2.1), WS (vs. 2.1), and Advanced Workstation 2.1 for the Itanium Processor: 2.7-29 or later
References:
- BugTraq Mailing List, Wed Feb 18 2004 - 13:40:32 CST: metamail format string bugs and buffer overflows.
- CIAC Information Bulletin O-083: Red Hat Updated Metamail Packages Fix Vulnerabilities.
- BID-9692: Metamail Multiple Buffer Overflow/Format String Handling Vulnerabilities
- CVE-2004-0104: Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
- DSA-449: metamail -- buffer overflow
- GLSA-200405-17: Multiple vulnerabilities in metamail
- MDKSA-2004:014: Updated metamail packages fix buffer overflow vulnerabilities
- RHSA-2004-073: metamail security update
- SA10908: Metamail Message Parsing System Compromise Vulnerabilities
- US-CERT VU#518518: metamail contains multiple format string vulnerabilities
Platforms Affected:
- Debian Debian Linux 3.0
- Gentoo Linux
- MandrakeSoft Mandrake Linux 9.0
- MandrakeSoft Mandrake Linux 9.1 PPC
- MandrakeSoft Mandrake Linux 9.1
- MandrakeSoft Mandrake Linux 9.2 AMD64
- MandrakeSoft Mandrake Linux 9.2
- MandrakeSoft Mandrake Linux Corporate Server 2.1 X86_64
- MandrakeSoft Mandrake Linux Corporate Server 2.1
- RedHat Enterprise Linux 2.1 ES
- RedHat Enterprise Linux 2.1 WS
- RedHat Enterprise Linux 2.1 AW
- RedHat Enterprise Linux 2.1 AS
- RedHat Linux Advanced Workstation 2.1 Itanium
- Telcordia Technologies Metamail 2.7 and prior
Reported:
Feb 18, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this