Ulf Härnhammar discovered two integer overflow bugs and two buffer
overflow bugs in versions of Metamail up to and including 2.7. An
attacker could create a carefully crafted message such that when it is
opened by a victim and parsed through Metamail it runs arbitrary code
as the victim.
Please note that Red Hat Enterprise Linux 3 does not contain Metamail
and is therefore not vulnerable to these issues.
Embargoed until Feb 18 2004
RHSA-2004:074 in progress with metamail-2.7-29 packages.
An errata has been issued which should help the problem described in this bug report.
This report is therefore being closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files, please follow the link below. You may reopen
this bug report if the solution does not work for you.
(removing embargo on bug entry)