[Security-team] Fwd: [SA20810] Mutt IMAP Namespace Buffer Overflow Vulnerability

Michael Shigorin mike at osdn.org.ua
Mon Jun 26 17:11:28 MSD 2006


	Hello.
Of course, I don't use remote untrusted imapd servers
with mutt, but lately it too is starting to
look like a sieve in places =(

----- Forwarded message from Secunia Security Advisories <sec-adv/secunia.com> -----

Date: 26 Jun 2006 11:48:45 -0000
From: Secunia Security Advisories <sec-adv/secunia.com>
To: shigorin/gmail.com
Subject: [SA20810] Mutt IMAP Namespace Buffer Overflow Vulnerability


----------------------------------------------------------------------

TITLE:
Mutt IMAP Namespace Buffer Overflow Vulnerability

SECUNIA ADVISORY ID:
SA20810

VERIFY ADVISORY:
http://secunia.com/advisories/20810/

CRITICAL:
Moderately critical

IMPACT:
DoS, System access

WHERE:
From remote

SOFTWARE:
Mutt 1.4.x
http://secunia.com/product/1305/

DESCRIPTION:
TAKAHASHI Tamotsu has reported a vulnerability in Mutt, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a user's system.

The vulnerability is caused due to a boundary error within the
"browse_get_namespace()" function in browse.c. This can be exploited
to cause a stack-based buffer overflow when processing an overly long
namespace from the IMAP server.

Successful exploitation crashes the application and may allow
arbitrary code execution, but requires that the user connects to a
malicious IMAP server.

The vulnerability has been reported in version 1.4.2.1. Prior
versions may also be affected.

SOLUTION:
The vulnerability has been fixed in the CVS repositories.

PROVIDED AND/OR DISCOVERED BY:
TAKAHASHI Tamotsu

ORIGINAL ADVISORY:
http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commit;h=dc0272b749f0e2b102973b7ac43dbd3908507540

----------------------------------------------------------------------

----- End forwarded message -----

-- 
 ---- WBR, Michael Shigorin <mike at altlinux.ru>
  ------ Linux.Kiev http://www.linux.kiev.ua/
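
The advisory's bug class (an overly long namespace from the IMAP server landing in a fixed stack buffer) can be shown from the defensive side with this added example, which is not mutt's code and not part of the original message. The names `ns_first_prefix` and `NS_BUF`, the buffer size and the sample responses are assumptions made for illustration; the response syntax follows RFC 2342.

```c
#include <stdio.h>
#include <string.h>

#define NS_BUF 64 /* assumed size for the example; not taken from mutt */

/* Copy the first quoted string of an IMAP NAMESPACE response (RFC 2342),
 * i.e. the first personal-namespace prefix, into dst.
 * Returns 0 on success, -1 if the line is malformed, -2 if the prefix
 * does not fit in dst (rejected outright, never truncated or overrun). */
int ns_first_prefix(const char *line, char *dst, size_t dstlen)
{
    const char *p;
    size_t n = 0;

    if (dstlen == 0 || strncmp(line, "* NAMESPACE ", 12) != 0)
        return -1;
    p = strchr(line, '"');
    if (p == NULL)
        return -1;                /* e.g. "NIL NIL NIL": no prefix at all */
    for (p++; *p != '"'; p++) {
        if (*p == '\0')
            return -1;            /* unterminated quoted string */
        if (*p == '\\' && p[1] != '\0')
            p++;                  /* escaped char: take the next byte as-is */
        if (n + 1 >= dstlen)
            return -2;            /* server-controlled length exceeds buffer */
        dst[n++] = *p;
    }
    dst[n] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample responses, not captured traffic. */
    char ok[] = "* NAMESPACE ((\"INBOX.\" \".\")) NIL NIL";
    char big[400] = "* NAMESPACE ((\"";
    char buf[NS_BUF];

    memset(big + strlen(big), 'A', 300);   /* 300-byte prefix > NS_BUF */
    strcat(big, "\" \"/\")) NIL NIL");
    printf("%d\n", ns_first_prefix(ok, buf, sizeof buf));
    printf("%d\n", ns_first_prefix(big, buf, sizeof buf));
    return 0;
}
```

The length check runs before every store, so the size of the server's string never decides how far the write goes.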


