nmh Buffer Overflow Vulnerability

It has been reported that a buffer overrun exists in versions 1.0.2 and prior of the nmh mailer. It is possible for a would be attacker to craft a MIME message in such a way as to cause the mhshow command to execute arbitary code when viewed. This could potentially lead to remote access for an attacker on the machine the mail is being read on.

Exact details on this vulnerability were not made public.


Privacy Statement
Copyright 2010, SecurityFocus