Bugtraq mailing list archives
nmh security update
From: ruud () RUUD ORG (Ruud de Rooij)
Date: Mon, 28 Feb 2000 18:38:05 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Versions prior to 1.0.3 of the nmh package contained a vulnerability where incoming mail messages with carefully designed MIME headers could cause nmh's mhshow command to execute arbitrary shell code. This bug has been fixed in nmh 1.0.3 and we encourage you to upgrade immediately. The fixed package is available at ftp://ftp.mhost.com/pub/nmh/nmh-1.0.3.tar.gz The MD5sum of nmh-1.0.3.tar.gz is 02519bf8f7ff8590ecfbee9f9500ea07. For the nmh authors, Ruud de Rooij. - -- ruud de rooij | ruud () ruud org | ruud () debian org | http://ruud.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE4uq60gWpMJ0LP/ksRAohGAJ90IJAVvyF+ouPkWEFbi5bEFJrhZwCg2yoz XhNPTGQCtLHmKGcMsEuOUCE= =jZwy -----END PGP SIGNATURE-----
Current thread:
- Re: BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Bertrand Schmitt (Feb 26)
- Re: BID 994,MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Jefferson Ogata (Feb 28)
- <Possible follow-ups>
- Re: BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Smith, Eric V. (Feb 28)
- nmh security update Ruud de Rooij (Feb 28)
- EZshopper version 3.0 - Last followup Servio Medina (Feb 28)
- ht://Dig remote information exposure Geoff Hutchison (Feb 28)
- All the recent SQL vulnerabilities Duncan Simpson (Feb 28)
- HP Omniback remote DoS Jon (Feb 28)
- Re: BID 994, MS00-010 (Site Server Commerce Edition non-validated SQL inputs) Nick Southwell (Feb 29)