Results 1 to 2 of 2

Thread: UnixWare exploitable buffer overrun in metamail

  1. #1
    Senior Member
    Join Date
    May 2003
    Posts
    472

    UnixWare exploitable buffer overrun in metamail

    i dont know how many persons might be using UnixWare and metamail....
    but for those who are using it.........
    http://www.zone-h.org/en/advisories/read/id=2897/
    Many buffer overflow conditions exist in version <= 2.7. The lack of boundary checks could lead to execution an arbitrary commands if the receiver processes the messages using the metamail package.


    Vulnerable Supported Versions
    ------------------------------------------

    Open UNIX 8.0.0 /usr/bin/metamail
    UnixWare 7.1.1 /usr/bin/metamail
    UnixWare 7.1.2 /usr/bin/metamail
    UnixWare 7.1.3 /usr/bin/metamail
    updated packages here : ftp://ftp.caldera.com/pub/updates/Un...SA-2003-SCO.15
    guru@linux:~> who I grep -i blonde I talk; cd ~; wine; talk; touch; unzip; touch; strip; gasp; finger; mount; fsck; more; yes; gasp; umount; make clean; sleep;

  2. #2
    Senior Member
    Join Date
    Jun 2003
    Posts
    723
    from the article- "The SCO group would like to thank Peter Maydell and the Debian Security team"
    Talk about altruism, the debian guys helping sco after the bs sco has pulled , wow Debian karma +10 , sco=should be embarrased
    Do unto others as you would have them do unto you.
    The international ban against torturing prisoners of war does not necessarily apply to suspects detained in America\'s war on terror, Attorney General John Ashcroft told a Senate oversight committee
    -- true colors revealed, a brown shirt and jackboots

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •