Home page logo
/

bugtraq logo Bugtraq mailing list archives

nmh security update
From: ruud () RUUD ORG (Ruud de Rooij)
Date: Mon, 28 Feb 2000 18:38:05 +0100


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Versions prior to 1.0.3 of the nmh package contained a vulnerability
where incoming mail messages with carefully designed MIME headers could
cause nmh's mhshow command to execute arbitrary shell code.

This bug has been fixed in nmh 1.0.3 and we encourage you to upgrade
immediately.  The fixed package is available at

  ftp://ftp.mhost.com/pub/nmh/nmh-1.0.3.tar.gz

The MD5sum of nmh-1.0.3.tar.gz is 02519bf8f7ff8590ecfbee9f9500ea07.

For the nmh authors,

Ruud de Rooij.
- --
ruud de rooij | ruud () ruud org | ruud () debian org | http://ruud.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4uq60gWpMJ0LP/ksRAohGAJ90IJAVvyF+ouPkWEFbi5bEFJrhZwCg2yoz
XhNPTGQCtLHmKGcMsEuOUCE=
=jZwy
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault