CVE-2004-2771

HIGH

Description

The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

References

http://linux.oracle.com/errata/ELSA-2014-1999.html

http://rhn.redhat.com/errata/RHSA-2014-1999.html

http://seclists.org/oss-sec/2014/q4/1066

http://secunia.com/advisories/60940

http://secunia.com/advisories/61585

http://secunia.com/advisories/61693

http://www.debian.org/security/2014/dsa-3105

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=278748

Details

Source: MITRE

Published: 2014-12-24

Updated: 2019-12-27

Type: CWE-20

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Tenable Plugins

View all (17 total)

ID	Name	Product	Family	Severity
108927	GLSA-201804-06 : mailx: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
99238	F5 Networks BIG-IP : Mailx vulnerabilities (K16945)	Nessus	F5 Networks Local Security Checks	high
89084	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : mailx (SSA:2016-062-01)	Nessus	Slackware Local Security Checks	high
82098	Debian DLA-114-1 : heirloom-mailx security update	Nessus	Debian Local Security Checks	high
80430	Mandriva Linux Security Advisory : nail (MDVSA-2015:011)	Nessus	Mandriva Local Security Checks	high
80418	Amazon Linux AMI : mailx (ALAS-2015-467)	Nessus	Amazon Linux Local Security Checks	high
80345	Fedora 19 : mailx-12.5-9.fc19 (2014-17277)	Nessus	Fedora Local Security Checks	high
80344	Fedora 20 : mailx-12.5-11.fc20 (2014-17245)	Nessus	Fedora Local Security Checks	high
80343	Fedora 21 : mailx-12.5-14.fc21 (2014-17243)	Nessus	Fedora Local Security Checks	high
80279	OracleVM 3.3 : mailx (OVMSA-2014-0086)	Nessus	OracleVM Local Security Checks	high
80274	openSUSE Security Update : mailx (openSUSE-SU-2014:1713-1)	Nessus	SuSE Local Security Checks	high
80251	SuSE 11.3 Security Update : mailx (SAT Patch Number 10096)	Nessus	SuSE Local Security Checks	high
80075	Scientific Linux Security Update : mailx on SL6.x, SL7.x i386/x86_64 (20141216)	Nessus	Scientific Linux Local Security Checks	high
80074	RHEL 6 / 7 : mailx (RHSA-2014:1999)	Nessus	Red Hat Local Security Checks	high
80071	Oracle Linux 6 / 7 : mailx (ELSA-2014-1999)	Nessus	Oracle Linux Local Security Checks	high
80058	Debian DSA-3105-1 : heirloom-mailx - security update	Nessus	Debian Local Security Checks	high
80056	CentOS 6 / 7 : mailx (CESA-2014:1999)	Nessus	CentOS Local Security Checks	high