Vulnerability: Hypermail

An exploitable buffer overflow exists in Hypermail's main program, hypermail, and in Hypermail's CGI program mail.

The overflow in hypermail can be exploited by sending e-mails to the program, depending on hypermail's configuration. The overflow in mail can be exploited by setting up a DNS server with rogue data and then surfing to the CGI program.

Known vulnerable versions of Hypermail are 2.1.3, 2.1.4 and 2.1.5. Version 2.1.6 is not affected.

To upgrade via the vendor's Web site, click here.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CGI

Show Comments