SciLinux: CVE-2006-5297 mutt SL5.x, SL4.x, SL3.x i386/x86_64
Summary
Date: Mon, 4 Jun 2007 15:33:58 -0500
Reply-To: Troy Dawson
Sender: Security Errata for Scientific Linux
From: Troy Dawson
Subject: Security ERRATA for mutt on SL5.x, SL4.x, SL3.x i386/x86_64
Comments: To: scientific-linux-errata@fnal.gov

Synopsis: Moderate: mutt security update
Issue date: 2007-06-04
CVE Names: CVE-2006-5297 CVE-2007-1558 CVE-2007-2683

A flaw was found in the way Mutt used temporary files on NFS file systems. Due to an implementation issue in the NFS protocol, Mutt was not able to exclusively open a new file. A local attacker could conduct a time-dependent attack and possibly gain access to e-mail attachments opened by a victim. (CVE-2006-5297)

A flaw was found in the way Mutt processed certain APOP authentication requests. By sending certain responses when mutt attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558)

A flaw was found in the way Mutt handled certain characters in gecos fields which could lead to a buffer overflow. The gecos field is an entry in the password database typically used to record general information about the user. A local attacker could give themselves a carefully crafted "Real Name" which could execute arbitrary code if a victim uses Mutt and expands the attacker's alias. (CVE-2007-2683)

SL 3.0.x
  SRPMS:  mutt-1.4.1-5.el3.src.rpm
  i386:   mutt-1.4.1-5.el3.i386.rpm
  x86_64: mutt-1.4.1-5.el3.x86_64.rpm

SL 4.x
  SRPMS:  mutt-1.4.1-12.0.3.el4.src.rpm
  i386:   mutt-1.4.1-12.0.3.el4.i386.rpm
  x86_64: mutt-1.4.1-12.0.3.el4.x86_64.rpm

SL 5.x
  SRPMS:  mutt-1.4.2.2-3.0.2.el5.src.rpm
  i386:   mutt-1.4.2.2-3.0.2.el5.i386.rpm
  x86_64: mutt-1.4.2.2-3.0.2.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson
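
A bounded form of the kind of gecos expansion described for CVE-2007-2683, as an added example that is not part of the original errata and is not Mutt's code. It assumes the case where output can outgrow input is the traditional '&' shorthand (replaced by the capitalized login name); expand_gecos_name and put_char are hypothetical names, and the input in main() is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>   /* size_t, NULL */

/* Append one byte if room remains (one byte is always kept for the NUL).
 * Returns 1 on success, 0 when the output is full. */
static int put_char(char *dest, size_t destlen, size_t *used, char c)
{
    if (*used + 1 >= destlen)
        return 0;
    dest[(*used)++] = c;
    return 1;
}

/* Copy the "real name" part of a gecos field (text before the first comma)
 * into dest, expanding each '&' to the login name with its first letter
 * upper-cased. dest is always NUL-terminated when destlen > 0.
 * Returns 0 on success, -1 on truncation or invalid arguments. */
int expand_gecos_name(char *dest, size_t destlen,
                      const char *gecos, const char *login)
{
    size_t used = 0;
    int ok = 1;

    if (dest == NULL || destlen == 0 || gecos == NULL || login == NULL)
        return -1;

    for (const char *p = gecos; ok && *p != '\0' && *p != ','; p++) {
        if (*p != '&') {
            ok = put_char(dest, destlen, &used, *p);
            continue;
        }
        /* Expansion grows the string: bound-check every byte written. */
        for (const char *l = login; ok && *l != '\0'; l++) {
            char c = (l == login) ? (char)toupper((unsigned char)*l) : *l;
            ok = put_char(dest, destlen, &used, c);
        }
    }
    dest[used] = '\0';
    return ok ? 0 : -1;
}

int main(void)
{
    char name[16];  /* constructed sample: five '&' cannot fit in 16 bytes */
    int rc = expand_gecos_name(name, sizeof name, "& &&&&,Room 1", "alice");
    printf("%d %s\n", rc, name);
    return 0;
}
```

Sizing the buffer from the length of the raw gecos string is not enough, since each '&' can add a full login name; the check has to be made per byte written, and a truncated result is reported to the caller instead of being used silently.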