Search

Find a vulnerability

Search criteria

    2 vulnerabilities by heirloom

    CVE-2004-2771 (GCVE-0-2004-2771)

    Vulnerability from nvd – Published: 2014-12-24 18:00 – Updated: 2024-08-08 01:36
    VLAI
    Summary
    The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://linux.oracle.com/errata/ELSA-2014-1999.html x_refsource_CONFIRM
    http://www.debian.org/security/2014/dsa-3105 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/61693 third-party-advisoryx_refsource_SECUNIA
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug… x_refsource_CONFIRM
    http://seclists.org/oss-sec/2014/q4/1066 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/60940 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/61585 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2014-1999.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2004-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:36:25.354Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
              },
              {
                "name": "DSA-3105",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2014/dsa-3105"
              },
              {
                "name": "61693",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61693"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748"
              },
              {
                "name": "[oss-security] 20141216 mailx issues (CVE-2004-2771, CVE-2014-7844)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q4/1066"
              },
              {
                "name": "60940",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60940"
              },
              {
                "name": "61585",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61585"
              },
              {
                "name": "RHSA-2014:1999",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-12-24T17:57:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
            },
            {
              "name": "DSA-3105",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2014/dsa-3105"
            },
            {
              "name": "61693",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61693"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748"
            },
            {
              "name": "[oss-security] 20141216 mailx issues (CVE-2004-2771, CVE-2014-7844)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q4/1066"
            },
            {
              "name": "60940",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60940"
            },
            {
              "name": "61585",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61585"
            },
            {
              "name": "RHSA-2014:1999",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2004-2771",
        "datePublished": "2014-12-24T18:00:00.000Z",
        "dateReserved": "2012-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:36:25.354Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2771 (GCVE-0-2004-2771)

    Vulnerability from cvelistv5 – Published: 2014-12-24 18:00 – Updated: 2024-08-08 01:36
    VLAI
    Summary
    The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://linux.oracle.com/errata/ELSA-2014-1999.html x_refsource_CONFIRM
    http://www.debian.org/security/2014/dsa-3105 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/61693 third-party-advisoryx_refsource_SECUNIA
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug… x_refsource_CONFIRM
    http://seclists.org/oss-sec/2014/q4/1066 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/60940 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/61585 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2014-1999.html vendor-advisoryx_refsource_REDHAT
    Date Public
    2004-10-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:36:25.354Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
              },
              {
                "name": "DSA-3105",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2014/dsa-3105"
              },
              {
                "name": "61693",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61693"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748"
              },
              {
                "name": "[oss-security] 20141216 mailx issues (CVE-2004-2771, CVE-2014-7844)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q4/1066"
              },
              {
                "name": "60940",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60940"
              },
              {
                "name": "61585",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61585"
              },
              {
                "name": "RHSA-2014:1999",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-10-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-12-24T17:57:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://linux.oracle.com/errata/ELSA-2014-1999.html"
            },
            {
              "name": "DSA-3105",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2014/dsa-3105"
            },
            {
              "name": "61693",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61693"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748"
            },
            {
              "name": "[oss-security] 20141216 mailx issues (CVE-2004-2771, CVE-2014-7844)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q4/1066"
            },
            {
              "name": "60940",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60940"
            },
            {
              "name": "61585",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61585"
            },
            {
              "name": "RHSA-2014:1999",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1999.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2004-2771",
        "datePublished": "2014-12-24T18:00:00.000Z",
        "dateReserved": "2012-01-04T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:36:25.354Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }