FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sympa -- buffer overflow in "queue"

Affected packages
sympa < 4.1.2_1

Details

VuXML ID 0d9ba03b-0dbb-42b4-ae0f-60e27af78e22
Discovery 2005-02-11
Entry 2005-06-01

Erik Sjölund discovered a vulnerabilitiy in Sympa. The queue application processes messages received via aliases. It contains a buffer overflow in the usage of sprintf. In some configurations, it may allow an attacker to execute arbitrary code as the sympa user.

References

CVE Name CVE-2005-0073
URL http://www.debian.org/security/2005/dsa-677