oss-sec mailing list archives

Re: mpack 1.6 allows eavesdropping on mails sent by other users

From: Sebastian Pipping <sebastian () pipping org>
Date: Sun, 01 Jan 2012 17:30:04 +0100

On 12/31/2011 08:39 PM, Sebastian Pipping wrote:

Affected distros
================
So far I have superficially tested the latest editions of three major
distros.  The results:

 - Debian (1.6-7):   vulnerable

 - Gentoo (1.6-r1):  vulnerable

 - FreeBSD (1.6):    vulnerable  (part 2 and after if split,
                                  see details)


Add to that list:

   - OpenBSD (1.5):    vulnerable  (part 2 and after)

   - Gentoo (1.5):     vulnerable

   - Gentoo (1.5-r1):  vulnerable  (part 2 and after)

Best,



Sebastian

Current thread:

Re: mpack 1.6 allows eavesdropping on mails sent by other users Sebastian Pipping (Jan 01)
- <Possible follow-ups>
- Re: mpack 1.6 allows eavesdropping on mails sent by other users Sebastian Pipping (Jan 18)