[Frugalware-security] [ FSA-37 ] mutt-devel

voroskoi noreply at frugalware.org
Mon Nov 6 10:42:28 CET 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-37

Date: 2006-11-06
Package: mutt-devel
Vulnerable versions: <= 1.5.12-1
Unaffected versions: >= 1.5.12-2siwenna1
Related bugreport: http://bugs.frugalware.org/task/1399
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5297
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5298

Description
===========

Some weaknesses have been reported in mutt that can potentially be exploited by malicious local users to perform certain actions with escalated privileges.

1) The "safe_open()" function insecurely creates temporary files on NFS directories, because the O_EXCL flag is not always correctly honored. This may be exploited to overwrite arbitrary files.
2) A race condition exists within the "mutt_adv_mktemp()" function between calling "mktemp()" and "safe_fopen()". This may be exploited to create files with weak permissions.
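
An added example (not taken from this advisory or from mutt's source) of the pattern behind item 2: opening a previously chosen name without O_EXCL, next to creating it atomically with O_CREAT|O_EXCL and mode 0600. The function names and the demo file name are assumptions made for the illustration; as item 1 notes, O_EXCL is not always honored on NFS, so this covers local filesystems only.

```c
/* Added example (not mutt source): why a temp file must be created
 * atomically. The file name below is constructed for the demo. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy pattern: `name` was picked earlier (e.g. by mktemp()). Without O_EXCL,
 * open() reuses whatever another local user put there in the meantime, and
 * the file keeps that user's ownership and mode. */
int racy_create(const char *name)
{
    return open(name, O_WRONLY | O_CREAT, 0600);
}

/* Atomic pattern: with O_CREAT|O_EXCL the existence check and the creation
 * are one step; an existing file or symlink yields EEXIST. */
int exclusive_create(const char *name)
{
    struct stat st;
    int fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;
    /* Re-check on the descriptor: ours, regular, one link, owner-only. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1 ||
        st.st_uid != geteuid() || (st.st_mode & 077) != 0) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Permission bits of the file behind fd, or -1 on error. */
int mode_of(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

int main(void)
{
    const char *name = "fsa37-demo.tmp";   /* constructed demo name */
    int fd = exclusive_create(name);
    if (fd < 0) { perror("exclusive_create"); return 1; }
    printf("created %s with mode %o\n", name, (unsigned)mode_of(fd));
    close(fd);
    return unlink(name) != 0;
}
```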

Updated Packages
================

Check if you have mutt-devel installed:

	# pacman -Q mutt-devel

If found, then you should upgrade to the latest version:

	# pacman -Sy mutt-devel

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD4DBQFFTwOEZ7NElSD1VhkRAlTuAJdaX9TMwTsdCcHRKmYhkAYiWu4BAJ9i39eu
JOFefS8UWnQNJ6tkkTOKbw==
=KzZN
-----END PGP SIGNATURE-----

