Scientific Linux Security Update : procmail on SL7.x x86_64
Critical Nessus Plugin ID 104867
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send a specially crafted email that, when processed by formail, could cause formail to crash or, possibly, execute arbitrary code as the user running formail.
SolutionUpdate the affected procmail and / or procmail-debuginfo packages.