Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1271

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1271
Last Modified 10 Sep 2008 03:14:13
Published 12 Nov 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1271

Summary

The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.

Vulnerable Systems

Application

  • Perl-mailtools 1.13

  • Perl-mailtools 1.1401

  • Perl-mailtools 1.15

  • Perl-mailtools 1.40

  • Perl-mailtools 1.42

  • Perl-mailtools 1.44

  • Perl-mailtools 1.47


References

BUGTRAQ - 20021106 GLSA: MailTools

XF - mail-mailer-command-execution(10548)

BID - 6104

SUSE - SuSE-SA:2002:041

MANDRAKE - MDKSA-2002:076

DEBIAN - DSA-386

BUGTRAQ - 20021108 [Security Announce] Re: MDKSA-2002:076 - perl-MailTools update


Last Updated: 27 May 2016 10:37:16