Local exploit in courier-mta package
Package: courier-mta
Version: 0.36.1-2
Severity: critical
A hand-crafted .courier file can be used to insert \r characters in the
message queue file. A bug in the function that reads message queue files
subsequently results in memory corruption.
This exploit is fixed in 0.37.2 upstream, I'll upload an upgraded
version ASAP.
Ciao
Racke
--
For projects and other business stuff please refer to COBOLT NetServices
(URL: http://www.cobolt.net; Email: info@cobolt.net; Phone: 0041-1-3884400)
Reply to: