Description
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address.
Affected products
- BSD / mailx8.1.2 and earlier – 8.1.2 and earlier
References
- MAILING_LISThttp://seclists.org/oss-sec/2014/q4/1066
- VENDOR_ADVISORYhttp://linux.oracle.com/errata/ELSA-2014-1999.html
- VENDOR_ADVISORYhttp://www.debian.org/security/2014/dsa-3104
- VENDOR_ADVISORYhttp://www.debian.org/security/2014/dsa-3105
- MISChttp://rhn.redhat.com/errata/RHSA-2014-1999.html