Ubuntu Update For Procmail USN-2340-1 Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Tavis Ormandy discovered that the formail tool incorrectly handled certain malformed mail headers. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code.

Affected

procmail on Ubuntu 14.04 LTS , Ubuntu 12.04 LTS , Ubuntu 10.04 LTS

Severity

Classification

CVE CVE-2014-3618

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for debian-goodies vulnerability USN-526-1
Ubuntu Update for cupsys vulnerabilities USN-563-1
Ubuntu Update for bash USN-2363-1
Ubuntu Update for apache2 USN-1199-1
Ubuntu Update for devscripts USN-1366-1

Ubuntu Update for procmail USN-2340-1

Take action and discover your vulnerabilities