[Security-team] Fwd: [SA20810] Mutt IMAP Namespace Buffer Overflow Vulnerability
Michael Shigorin
mike at osdn.org.ua
Mon Jun 26 17:11:28 MSD 2006
Hello.
I don't use mutt with remote untrusted imapd servers, of course,
but lately it too has somehow started to look like
a sieve in places =(
----- Forwarded message from Secunia Security Advisories <sec-adv/secunia.com> -----
Date: 26 Jun 2006 11:48:45 -0000
From: Secunia Security Advisories <sec-adv/secunia.com>
To: shigorin/gmail.com
Subject: [SA20810] Mutt IMAP Namespace Buffer Overflow Vulnerability
----------------------------------------------------------------------
TITLE:
Mutt IMAP Namespace Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA20810
VERIFY ADVISORY:
http://secunia.com/advisories/20810/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
From remote
SOFTWARE:
Mutt 1.4.x
http://secunia.com/product/1305/
DESCRIPTION:
TAKAHASHI Tamotsu has reported a vulnerability in Mutt, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a user's system.
The vulnerability is caused due to a boundary error within the
"browse_get_namespace()" function in browse.c. This can be exploited
to cause a stack-based buffer overflow when processing an overly long
namespace from the IMAP server.
Successful exploitation crashes the application and may allow
arbitrary code execution, but requires that the user connects to a
malicious IMAP server.
The vulnerability has been reported in version 1.4.2.1. Prior
versions may also be affected.
SOLUTION:
The vulnerability has been fixed in the CVS repositories.
PROVIDED AND/OR DISCOVERED BY:
TAKAHASHI Tamotsu
ORIGINAL ADVISORY:
http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commit;h=dc0272b749f0e2b102973b7ac43dbd3908507540
----------------------------------------------------------------------
----- End forwarded message -----
--
---- WBR, Michael Shigorin <mike at altlinux.ru>
------ Linux.Kiev http://www.linux.kiev.ua/
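
The forwarded advisory describes a boundary error when a server-supplied IMAP namespace is copied into a fixed-size stack buffer. The following is an added illustration of a length-checked copy for that situation; it is not part of the original message and is not Mutt's code. The function names, the `NS_MAX` size and the sample input are assumptions made for the example.

```c
#include <stddef.h>
#include <string.h>

#define NS_MAX 64 /* assumed size of the fixed buffer for one namespace prefix */

/* Copy the first IMAP quoted string in resp (e.g. the prefix in
 * (("INBOX." ".")) ) into dst. Returns the number of bytes copied, or -1
 * if the string is missing, unterminated, badly escaped, or does not fit
 * in dstlen bytes including the NUL. On failure dst is left empty. */
int ns_copy_prefix(const char *resp, char *dst, size_t dstlen)
{
    size_t n = 0;
    const char *p;
    if (!resp || !dst || dstlen == 0)
        return -1;
    dst[0] = '\0';
    p = strchr(resp, '"');
    if (!p)
        return -1;
    for (p++; *p && *p != '"'; p++) {
        if (*p == '\\') {            /* only \" and \\ are valid escapes */
            p++;
            if (*p != '"' && *p != '\\')
                goto bad;
        }
        if (n + 1 >= dstlen)         /* no room for this byte plus NUL */
            goto bad;                /* reject instead of truncating */
        dst[n++] = *p;
    }
    if (*p != '"')                   /* input ended before closing quote */
        goto bad;
    dst[n] = '\0';
    return (int)n;
bad:
    dst[0] = '\0';
    return -1;
}

/* Constructed input: a quoted prefix far longer than the local buffer. */
int ns_demo_overlong(void)
{
    char resp[4 * NS_MAX], out[NS_MAX];
    memset(resp, 'A', sizeof resp);
    resp[0] = '"';
    resp[sizeof resp - 2] = '"';
    resp[sizeof resp - 1] = '\0';
    return ns_copy_prefix(resp, out, sizeof out);
}
int main(void) { return ns_demo_overlong() == -1 ? 0 : 1; }
```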