CPANSA-Mail-Mailer-2002-1271: MailTools vulnerability
| Publisher | giterlizzi | Document category | csaf_security_advisory |
|---|---|---|---|
| Initial release date | 2002-11-12T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
| Current release date | 2002-11-12T00:00:00 | Build Date | |
| Current version | 1 | Status | final |
| CVSS v3.1 Base Score | Severity | ||
| Original language | Language | en | |
| Also referred to | |||
Vulnerability Description
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
Vulnerabilities
CVE-2002-1271
Vulnerability DescriptionThe Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
Product status
Known affected
| Product | Score | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| MailTools less than 1.51 |
|
Fixed
- MailTools greater than or equal 1.51
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Mail-Mailer-2002-1271 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2002/cpansa-mail-mailer-2002-1271.json - http://www.iss.net/security_center/static/10548.php external
http://www.iss.net/security_center/static/10548.php - http://www.debian.org/security/2003/dsa-386 external
http://www.debian.org/security/2003/dsa-386 - http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-076.php external
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-076.php - http://www.novell.com/linux/security/advisories/2002_041_perl_mailtools.html external
http://www.novell.com/linux/security/advisories/2002_041_perl_mailtools.html - http://www.securityfocus.com/bid/6104 external
http://www.securityfocus.com/bid/6104 - http://marc.info/?l=bugtraq&m=103659723101369&w=2 external
http://marc.info/?l=bugtraq&m=103659723101369&w=2 - http://marc.info/?l=bugtraq&m=103679569705086&w=2 external
http://marc.info/?l=bugtraq&m=103679569705086&w=2 - CVE-2002-1271 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2002-1271
Revision history
| Version | Date of the revision | Summary of the revision |
|---|---|---|
| 1 | Tue Nov 12 00:00:00 2002 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/