From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <combr@vesna.ru>
From: Mike Lykov <combr@vesna.ru>
Organization: Vesna
To: community@altlinux.ru
Date: Wed, 4 Jun 2003 08:57:06 +0500
User-Agent: KMail/1.5
MIME-Version: 1.0
Content-Type: text/plain;
  charset="koi8-r"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200306040857.06543.combr@vesna.ru>
Subject: [Comm] =?koi8-r?b?z9vJwsvBINcgL2Jpbi9tYWlsIC0gYnVmZmVy?= overrun
Sender: community-admin@altlinux.ru
Errors-To: community-admin@altlinux.ru
X-BeenThere: community@altlinux.ru
X-Mailman-Version: 2.0.9
Precedence: bulk
Reply-To: community@altlinux.ru
X-Reply-To: combr@vesna.ru
List-Unsubscribe: <http://www.altlinux.ru/mailman/listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=unsubscribe>
List-Id: <community.altlinux.ru>
List-Post: <mailto:community@altlinux.ru>
List-Help: <mailto:community-request@altlinux.ru?subject=help>
List-Subscribe: <http://www.altlinux.ru/mailman/listinfo/community>,
	<mailto:community-request@altlinux.ru?subject=subscribe>
List-Archive: <http://www.altlinux.ru/pipermail/community/>
Archived-At: <http://lore.altlinux.org/community/200306040857.06543.combr@vesna.ru/>
List-Archive: <http://lore.altlinux.org/community/>
List-Post: <mailto:mandrake-russian@linuxteam.iplabs.ru>

http://www.securityfocus.com/bid/7760/discussion/

A vulnerability has been discovered in the Linux /bin/mail utility. The 
problem occurs when processing excessive data within the carbon copy field. 
Due to insufficient bounds checking while parsing this information it may be 
possible to trigger a buffer overrun. 
 
An attacker could exploit this issue to execute arbitrary commands. It should 
be noted that local exploitation may be inconsequential, however a malicious 
e-mail message or CGI interface could be a sufficient conduit for remote 
exploitation.

-- vulnerable
RedHat Linux 9.0 i386
Slackware Linux 8.1

not vulnerable
Slackware Linux 9.0

А как насчет ALT Linux ? 

-- 
Mike