Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| hypermail | hypermail | 2.0b25 |
| hypermail | hypermail | 2.1.1 |
| hypermail | hypermail | 2.1.5 |
| hypermail | hypermail | 2.1_.0 |
| hypermail | hypermail | 2.1.2 |
| hypermail | hypermail | 2.1.4 |
| hypermail | hypermail | 2.1.3 |