GLSA-200603-16 : Metamail: Buffer overflow
High Nessus Plugin ID 21097
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200603-16 (Metamail: Buffer overflow)
Ulf Harnhammar discovered a buffer overflow in Metamail when processing mime boundaries.
By sending a specially crafted email, attackers could potentially exploit this vulnerability to crash Metamail or to execute arbitrary code.
There is no known workaround at this time.
SolutionAll Metamail users should update to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=net-mail/metamail-22.214.171.124-r1'