The AMaViS virus scanner 0.2.0-pre4 and earlier allows remote attackers to execute arbitrary commands as root via an infected mail message with shell metacharacters in the reply-to field.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| amavis | virus_scanner | * |
securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| amavis | virus_scanner | * |