Mandriva Linux Security Advisory : nail (MDVSA-2015:011)
High Nessus Plugin ID 80430
SynopsisThe remote Mandriva Linux host is missing a security update.
DescriptionUpdated nail package fixes security vulnerabilities :
A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality (CVE-2004-2771, CVE-2014-7844).
SolutionUpdate the affected nail package.