Scientific Linux: CVE-2006-5297 Moderate Mutt Security Update

Date: Mon, 4 Jun 2007 15:33:58 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA for mutt on SL5.x, SL4.x, SL3,x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis:	Moderate: mutt security update
Issue date:	2007-06-04
CVE Names:	CVE-2006-5297 CVE-2007-1558 CVE-2007-2683

A flaw was found in the way Mutt used temporary files on NFS file systems.
Due to an implementation issue in the NFS protocol, Mutt was not able to
exclusively open a new file. A local attacker could conduct a
time-dependent attack and possibly gain access to e-mail attachments opened
by a victim. (CVE-2006-5297)

A flaw was found in the way Mutt processed certain APOP authentication
requests. By sending certain responses when mutt attempted to authenticate
against an APOP server, a remote attacker could potentially acquire certain
portions of a user's authentication credentials. (CVE-2007-1558)

A flaw was found in the way Mutt handled certain characters in gecos fields
which could lead to a buffer overflow. The gecos field is an entry in the
password database typically used to record general information about the
user. A local attacker could give themselves a carefully crafted "Real
Name" which could execute arbitrary code if a victim uses Mutt and expands
the attackers alias. (CVE-2007-2683)

SL 3.0.x

 SRPMS:
	mutt-1.4.1-5.el3.src.rpm
 i386:
	mutt-1.4.1-5.el3.i386.rpm
 x86_64:
	mutt-1.4.1-5.el3.x86_64.rpm

SL 4.x

 SRPMS:
	mutt-1.4.1-12.0.3.el4.src.rpm
 i386:
	mutt-1.4.1-12.0.3.el4.i386.rpm
 x86_64:
	mutt-1.4.1-12.0.3.el4.x86_64.rpm

SL 5.x

 SRPMS:
	mutt-1.4.2.2-3.0.2.el5.src.rpm
 i386:
	mutt-1.4.2.2-3.0.2.el5.i386.rpm
 x86_64:
	mutt-1.4.2.2-3.0.2.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson