Vulnerabilities > CVE-2006-3242 - Unspecified vulnerability in Mutt 1.4.2/1.4.2.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN mutt
nessus
Summary
Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE9_11094.NASL description Mutt has a buffer overflow in IMAP namespace parsing code which may open a possible remote vulnerability. (CVE-2006-3242) last seen 2020-06-01 modified 2020-06-02 plugin id 41094 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41094 title SuSE9 Security Update : mutt (YOU Patch Number 11094) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(41094); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_cve_id("CVE-2006-3242"); script_name(english:"SuSE9 Security Update : mutt (YOU Patch Number 11094)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 9 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "Mutt has a buffer overflow in IMAP namespace parsing code which may open a possible remote vulnerability. (CVE-2006-3242)" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2006-3242/" ); script_set_attribute(attribute:"solution", value:"Apply YOU patch number 11094."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/07/03"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SUSE9", reference:"mutt-1.5.6i-64.9")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family Fedora Local Security Checks NASL id FEDORA_2006-1061.NASL description - Tue Oct 24 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-7.fc5 - fix insecure temp file creation on NFS (#211085, CVE-2006-5297) - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-6.3.fc5 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24036 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24036 title Fedora Core 5 : mutt-1.4.2.1-7.fc5 (2006-1061) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2006-1061. # include("compat.inc"); if (description) { script_id(24036); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:24"); script_xref(name:"FEDORA", value:"2006-1061"); script_name(english:"Fedora Core 5 : mutt-1.4.2.1-7.fc5 (2006-1061)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Tue Oct 24 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-7.fc5 - fix insecure temp file creation on NFS (#211085, CVE-2006-5297) - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-6.3.fc5 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2006-October/000675.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?9759cbe1" ); script_set_attribute( attribute:"solution", value:"Update the affected mutt and / or mutt-debuginfo packages." ); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:5"); script_set_attribute(attribute:"patch_publication_date", value:"2006/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 5.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC5", reference:"mutt-1.4.2.1-7.fc5")) flag++; if (rpm_check(release:"FC5", reference:"mutt-debuginfo-1.4.2.1-7.fc5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt / mutt-debuginfo"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2006-760.NASL description - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-6.3.fc5 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24135 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24135 title Fedora Core 5 : mutt-1.4.2.1-6.3.fc5 (2006-760) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2006-760. # include("compat.inc"); if (description) { script_id(24135); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:25"); script_xref(name:"FEDORA", value:"2006-760"); script_name(english:"Fedora Core 5 : mutt-1.4.2.1-6.3.fc5 (2006-760)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-6.3.fc5 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2006-June/000343.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?dc205c83" ); script_set_attribute( attribute:"solution", value:"Update the affected mutt and / or mutt-debuginfo packages." ); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:5"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 5.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC5", reference:"mutt-1.4.2.1-6.3.fc5")) flag++; if (rpm_check(release:"FC5", reference:"mutt-debuginfo-1.4.2.1-6.3.fc5")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt / mutt-debuginfo"); }
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2006-115.NASL description A stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. Updated packages have been patched to address this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 21777 published 2006-06-29 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21777 title Mandrake Linux Security Advisory : mutt (MDKSA-2006:115) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2006:115. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(21777); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:48"); script_cve_id("CVE-2006-3242"); script_xref(name:"MDKSA", value:"2006:115"); script_name(english:"Mandrake Linux Security Advisory : mutt (MDKSA-2006:115)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandrake Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "A stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. Updated packages have been patched to address this issue." ); script_set_attribute( attribute:"solution", value:"Update the affected mutt and / or mutt-utf8 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:mutt-utf8"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2006"); script_set_attribute(attribute:"cpe", value:"x-cpe:/o:mandrakesoft:mandrake_linux:le2005"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/06/29"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK10.2", reference:"mutt-1.5.6i-5.1.102mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK10.2", reference:"mutt-utf8-1.5.6i-5.1.102mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"mutt-1.5.9i-9.1.20060mdk", yank:"mdk")) flag++; if (rpm_check(release:"MDK2006.0", reference:"mutt-utf8-1.5.9i-9.1.20060mdk", yank:"mdk")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2006-0577.NASL description Updated mutt packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mutt is a text-mode mail user agent. A buffer overflow flaw was found in the way Mutt processes an overly long namespace from a malicious imap server. In order to exploit this flaw a user would have to use Mutt to connect to a malicious IMAP server. (CVE-2006-3242) Users of Mutt are advised to upgrade to these erratum packages, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 22039 published 2006-07-13 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/22039 title CentOS 3 / 4 : mutt (CESA-2006:0577) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2006:0577 and # CentOS Errata and Security Advisory 2006:0577 respectively. # include("compat.inc"); if (description) { script_id(22039); script_version("1.15"); script_cvs_date("Date: 2019/10/25 13:36:03"); script_cve_id("CVE-2006-3242"); script_xref(name:"RHSA", value:"2006:0577"); script_name(english:"CentOS 3 / 4 : mutt (CESA-2006:0577)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote CentOS host is missing a security update." ); script_set_attribute( attribute:"description", value: "Updated mutt packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mutt is a text-mode mail user agent. A buffer overflow flaw was found in the way Mutt processes an overly long namespace from a malicious imap server. In order to exploit this flaw a user would have to use Mutt to connect to a malicious IMAP server. (CVE-2006-3242) Users of Mutt are advised to upgrade to these erratum packages, which contain a backported patch to correct this issue." ); # https://lists.centos.org/pipermail/centos-announce/2006-July/013001.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ae865acd" ); # https://lists.centos.org/pipermail/centos-announce/2006-July/013005.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?778ae63c" ); # https://lists.centos.org/pipermail/centos-announce/2006-July/013010.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?ee1aa50e" ); # https://lists.centos.org/pipermail/centos-announce/2006-July/013011.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f5563ca6" ); # https://lists.centos.org/pipermail/centos-announce/2006-July/013018.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?bf5a51c0" ); # https://lists.centos.org/pipermail/centos-announce/2006-July/013019.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?03aad93c" ); script_set_attribute(attribute:"solution", value:"Update the affected mutt package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/27"); script_set_attribute(attribute:"patch_publication_date", value:"2006/07/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"CentOS Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/CentOS/release"); if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS"); os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS"); os_ver = os_ver[1]; if (! preg(pattern:"^(3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 3.x / 4.x", "CentOS " + os_ver); if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu); flag = 0; if (rpm_check(release:"CentOS-3", reference:"mutt-1.4.1-3.5.rhel3")) flag++; if (rpm_check(release:"CentOS-4", reference:"mutt-1.4.1-11.rhel4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt"); }
NASL family SuSE Local Security Checks NASL id SUSE_MUTT-1701.NASL description Mutt had a buffer overflow in IMAP namespace parsing code which may open a possible remote vulnerability (CVE-2006-3242). last seen 2020-06-01 modified 2020-06-02 plugin id 27353 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27353 title openSUSE 10 Security Update : mutt (mutt-1701) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update mutt-1701. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(27353); script_version ("1.12"); script_cvs_date("Date: 2019/10/25 13:36:28"); script_cve_id("CVE-2006-3242"); script_name(english:"openSUSE 10 Security Update : mutt (mutt-1701)"); script_summary(english:"Check for the mutt-1701 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Mutt had a buffer overflow in IMAP namespace parsing code which may open a possible remote vulnerability (CVE-2006-3242)." ); script_set_attribute(attribute:"solution", value:"Update the affected mutt package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.1", reference:"mutt-1.5.9i-27.4") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1108.NASL description It was discovered that the mutt mail reader performs insufficient validation of values returned from an IMAP server, which might overflow a buffer and potentially lead to the injection of arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 22650 published 2006-10-14 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22650 title Debian DSA-1108-1 : mutt - buffer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1108. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(22650); script_version("1.16"); script_cvs_date("Date: 2019/08/02 13:32:19"); script_cve_id("CVE-2006-3242"); script_xref(name:"DSA", value:"1108"); script_name(english:"Debian DSA-1108-1 : mutt - buffer overflow"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "It was discovered that the mutt mail reader performs insufficient validation of values returned from an IMAP server, which might overflow a buffer and potentially lead to the injection of arbitrary code." ); script_set_attribute( attribute:"see_also", value:"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=375828" ); script_set_attribute( attribute:"see_also", value:"http://www.debian.org/security/2006/dsa-1108" ); script_set_attribute( attribute:"solution", value: "Upgrade the mutt package. For the stable distribution (sarge) this problem has been fixed in version 1.5.9-2sarge2." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1"); script_set_attribute(attribute:"patch_publication_date", value:"2006/07/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"3.1", prefix:"mutt", reference:"1.5.9-2sarge2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2006-0577.NASL description Updated mutt packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mutt is a text-mode mail user agent. A buffer overflow flaw was found in the way Mutt processes an overly long namespace from a malicious imap server. In order to exploit this flaw a user would have to use Mutt to connect to a malicious IMAP server. (CVE-2006-3242) Users of Mutt are advised to upgrade to these erratum packages, which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 22045 published 2006-07-13 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/22045 title RHEL 2.1 / 3 / 4 : mutt (RHSA-2006:0577) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2006:0577. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(22045); script_version ("1.22"); script_cvs_date("Date: 2019/10/25 13:36:12"); script_cve_id("CVE-2006-3242"); script_xref(name:"RHSA", value:"2006:0577"); script_name(english:"RHEL 2.1 / 3 / 4 : mutt (RHSA-2006:0577)"); script_summary(english:"Checks the rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "Updated mutt packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Mutt is a text-mode mail user agent. A buffer overflow flaw was found in the way Mutt processes an overly long namespace from a malicious imap server. In order to exploit this flaw a user would have to use Mutt to connect to a malicious IMAP server. (CVE-2006-3242) Users of Mutt are advised to upgrade to these erratum packages, which contain a backported patch to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/security/cve/cve-2006-3242" ); script_set_attribute( attribute:"see_also", value:"https://access.redhat.com/errata/RHSA-2006:0577" ); script_set_attribute(attribute:"solution", value:"Update the affected mutt package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:2.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:4"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/27"); script_set_attribute(attribute:"patch_publication_date", value:"2006/07/12"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/13"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat"); os_ver = os_ver[1]; if (! preg(pattern:"^(2\.1|3|4)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 2.1 / 3.x / 4.x", "Red Hat " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo"); if (!empty_or_null(yum_updateinfo)) { rhsa = "RHSA-2006:0577"; yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa); if (!empty_or_null(yum_report)) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : yum_report ); exit(0); } else { audit_message = "affected by Red Hat security advisory " + rhsa; audit(AUDIT_OS_NOT, audit_message); } } else { flag = 0; if (rpm_check(release:"RHEL2.1", cpu:"i386", reference:"mutt-1.2.5.1-2.rhel21")) flag++; if (rpm_check(release:"RHEL3", reference:"mutt-1.4.1-3.5.rhel3")) flag++; if (rpm_check(release:"RHEL4", reference:"mutt-1.4.1-11.rhel4")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : rpm_report_get() + redhat_report_package_caveat() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt"); } }
NASL family Fedora Local Security Checks NASL id FEDORA_2006-1063.NASL description - Tue Oct 24 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-3 - fix insecure temp file creation on NFS (#211085, CVE-2006-5297) - Thu Aug 3 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-2 - fix a SASL authentication bug (#199591) - Mon Jul 17 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-1 - update to 1.4.2.2 - fix directories in manual.txt (#162207) - drop bcc patch (#197408) - don last seen 2020-06-01 modified 2020-06-02 plugin id 24037 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24037 title Fedora Core 6 : mutt-1.4.2.2-3.fc6 (2006-1063) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2006-1063. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(24037); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:24"); script_xref(name:"FEDORA", value:"2006-1063"); script_name(english:"Fedora Core 6 : mutt-1.4.2.2-3.fc6 (2006-1063)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Tue Oct 24 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-3 - fix insecure temp file creation on NFS (#211085, CVE-2006-5297) - Thu Aug 3 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-2 - fix a SASL authentication bug (#199591) - Mon Jul 17 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.2-1 - update to 1.4.2.2 - fix directories in manual.txt (#162207) - drop bcc patch (#197408) - don't package flea - Wed Jul 12 2006 Jesse Keating <jkeating at redhat.com> - 5:1.4.2.1-7.1 - rebuild - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-7 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) - Fri Feb 10 2006 Jesse Keating <jkeating at redhat.com> - 5:1.4.2.1-6.2.1 - bump again for double-long bug on ppc(64) - Tue Feb 7 2006 Jesse Keating <jkeating at redhat.com> - 5:1.4.2.1-6.2 - rebuilt for new gcc4.1 snapshot and glibc changes - Fri Dec 9 2005 Jesse Keating <jkeating at redhat.com> - rebuilt - Wed Nov 9 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-6 - rebuild against new ssl libs - Thu Oct 27 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-5 - add patch from 1.5 branch to fix SASL logging (#157251, #171528) - Fri Aug 26 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-3 - add patch from 1.5 branch to fix base64 decoding (#166718) - Mon Mar 7 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-2 - rebuild against new openssl - fix build with gcc4 - Thu Jan 27 2005 Bill Nottingham <notting at redhat.com> 5:1.4.2.1-1 - update to 1.4.2.1 (#141007, <moritz at barsnick.net>) - include a /etc/Muttrc.local for site config (#123109) - add <f2> as a additional help key for terminals that use <f1> internally (#139277) - Wed Sep 15 2004 Nalin Dahyabhai <nalin at redhat.com> 5:1.4.1-10 - expect the server to prompt for additional auth data if we have some to send (#129961, upstream #1845) - use 'pop' as the service name instead of 'pop-3' when using SASL for POP, per rfc1734 - Fri Aug 13 2004 Bill Nottingham <notting at redhat.com> 5:1.4.1-9 - set write_bcc to no by default (since we ship exim) - build against sasl2 (#126724) - Mon Jun 28 2004 Bill Nottingham <notting at redhat.com> - remove autosplat patch (#116769) - Tue Jun 15 2004 Elliot Lee <sopwith at redhat.com> - rebuilt - Tue Jun 8 2004 Bill Nottingham <notting at redhat.com> 5:1.4.1-7 - link urlview against ncursesw (fixes #125530, indirectly) - Fri Feb 13 2004 Elliot Lee <sopwith at redhat.com> - rebuilt - Tue Jan 27 2004 Bill Nottingham <notting at redhat.com> 5:1.4.1-5 [plus 179 lines in the Changelog] Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2006-October/000686.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a546de0a" ); script_set_attribute( attribute:"solution", value:"Update the affected mutt and / or mutt-debuginfo packages." ); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:6"); script_set_attribute(attribute:"patch_publication_date", value:"2006/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 6.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC6", reference:"mutt-1.4.2.2-3.fc6")) flag++; if (rpm_check(release:"FC6", reference:"mutt-debuginfo-1.4.2.2-3.fc6")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt / mutt-debuginfo"); }
NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-307-1.NASL description TAKAHASHI Tamotsu discovered that mutt last seen 2020-06-01 modified 2020-06-02 plugin id 27882 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/27882 title Ubuntu 5.04 / 5.10 / 6.06 LTS : mutt vulnerability (USN-307-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-307-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(27882); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:01"); script_cve_id("CVE-2006-3242"); script_xref(name:"USN", value:"307-1"); script_name(english:"Ubuntu 5.04 / 5.10 / 6.06 LTS : mutt vulnerability (USN-307-1)"); script_summary(english:"Checks dpkg output for updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Ubuntu host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "TAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently check the validity of namespace strings. If an user connects to a malicious IMAP server, that server could exploit this to crash mutt or even execute arbitrary code with the privileges of the mutt user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/307-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected mutt package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(5\.04|5\.10|6\.06)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.04 / 5.10 / 6.06", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"5.04", pkgname:"mutt", pkgver:"1.5.6-20040907+2ubuntu0.1")) flag++; if (ubuntu_check(osver:"5.10", pkgname:"mutt", pkgver:"1.5.9-2ubuntu1.1")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"mutt", pkgver:"1.5.11-3ubuntu2.1")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2006-761.NASL description - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-5.fc4 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 24136 published 2007-01-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24136 title Fedora Core 4 : mutt-1.4.2.1-5.fc4 (2006-761) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2006-761. # include("compat.inc"); if (description) { script_id(24136); script_version ("1.14"); script_cvs_date("Date: 2019/08/02 13:32:25"); script_xref(name:"FEDORA", value:"2006-761"); script_name(english:"Fedora Core 4 : mutt-1.4.2.1-5.fc4 (2006-761)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora Core host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Thu Jun 29 2006 Miroslav Lichvar <mlichvar at redhat.com> 5:1.4.2.1-5.fc4 - fix a buffer overflow when processing IMAP namespace (#197152, CVE-2006-3242) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); # https://lists.fedoraproject.org/pipermail/package-announce/2006-June/000344.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?cd9cd9d4" ); script_set_attribute( attribute:"solution", value:"Update the affected mutt and / or mutt-debuginfo packages." ); script_set_attribute(attribute:"risk_factor", value:"High"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:mutt-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:4"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/01/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 4.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC4", reference:"mutt-1.4.2.1-5.fc4")) flag++; if (rpm_check(release:"FC4", reference:"mutt-debuginfo-1.4.2.1-5.fc4")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "mutt / mutt-debuginfo"); }
NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2006-207-01.NASL description New mutt packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a possible security issue. last seen 2020-06-01 modified 2020-06-02 plugin id 22098 published 2006-07-28 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/22098 title Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : mutt (SSA:2006-207-01) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Slackware Security Advisory 2006-207-01. The text # itself is copyright (C) Slackware Linux, Inc. # include("compat.inc"); if (description) { script_id(22098); script_version("1.14"); script_cvs_date("Date: 2019/10/25 13:36:20"); script_cve_id("CVE-2006-3242"); script_xref(name:"SSA", value:"2006-207-01"); script_name(english:"Slackware 10.0 / 10.1 / 10.2 / 8.1 / 9.0 / 9.1 / current : mutt (SSA:2006-207-01)"); script_summary(english:"Checks for updated package in /var/log/packages"); script_set_attribute( attribute:"synopsis", value:"The remote Slackware host is missing a security update." ); script_set_attribute( attribute:"description", value: "New mutt packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a possible security issue." ); # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472221 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?f208ceb8" ); script_set_attribute(attribute:"solution", value:"Update the affected mutt package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:8.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:9.1"); script_set_attribute(attribute:"patch_publication_date", value:"2006/07/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/28"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Slackware Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("slackware.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware"); if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu); flag = 0; if (slackware_check(osver:"8.1", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i386", pkgnum:"1_slack8.1")) flag++; if (slackware_check(osver:"9.0", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i386", pkgnum:"1_slack9.0")) flag++; if (slackware_check(osver:"9.1", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i486", pkgnum:"1_slack9.1")) flag++; if (slackware_check(osver:"10.0", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i486", pkgnum:"1_slack10.0")) flag++; if (slackware_check(osver:"10.1", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i486", pkgnum:"1_slack10.1")) flag++; if (slackware_check(osver:"10.2", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i486", pkgnum:"1_slack10.2")) flag++; if (slackware_check(osver:"current", pkgname:"mutt", pkgver:"1.4.2.2i", pkgarch:"i486", pkgnum:"1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200606-27.NASL description The remote host is affected by the vulnerability described in GLSA-200606-27 (Mutt: Buffer overflow) TAKAHASHI Tamotsu has discovered that Mutt contains a boundary error in the last seen 2020-06-01 modified 2020-06-02 plugin id 21773 published 2006-06-29 reporter This script is Copyright (C) 2006-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/21773 title GLSA-200606-27 : Mutt: Buffer overflow code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 200606-27. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(21773); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:32:43"); script_cve_id("CVE-2006-3242"); script_xref(name:"GLSA", value:"200606-27"); script_name(english:"GLSA-200606-27 : Mutt: Buffer overflow"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-200606-27 (Mutt: Buffer overflow) TAKAHASHI Tamotsu has discovered that Mutt contains a boundary error in the 'browse_get_namespace()' function in browse.c, which can be triggered when receiving an overly long namespace from an IMAP server. Impact : A malicious IMAP server can send an overly long namespace to Mutt in order to crash the application, and possibly execute arbitrary code with the permissions of the user running Mutt. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/200606-27" ); script_set_attribute( attribute:"solution", value: "All Mutt users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=mail-client/mutt-1.5.11-r2'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:mutt"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/06/29"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/19"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"mail-client/mutt", unaffected:make_list("ge 1.5.11-r2"), vulnerable:make_list("lt 1.5.11-r2"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Mutt"); }
NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_D2A43243087B11DBBC360008743BF21A.NASL description SecurityFocus reports : Mutt is prone to a remote buffer-overflow vulnerability. This issue is due to the application last seen 2020-06-01 modified 2020-06-02 plugin id 21790 published 2006-07-03 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21790 title FreeBSD : mutt -- Remote Buffer Overflow Vulnerability (d2a43243-087b-11db-bc36-0008743bf21a) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from the FreeBSD VuXML database : # # Copyright 2003-2018 Jacques Vidrine and contributors # # Redistribution and use in source (VuXML) and 'compiled' forms (SGML, # HTML, PDF, PostScript, RTF and so forth) with or without modification, # are permitted provided that the following conditions are met: # 1. Redistributions of source code (VuXML) must retain the above # copyright notice, this list of conditions and the following # disclaimer as the first lines of this file unmodified. # 2. Redistributions in compiled form (transformed to other DTDs, # published online in any format, converted to PDF, PostScript, # RTF and other formats) must reproduce the above copyright # notice, this list of conditions and the following disclaimer # in the documentation and/or other materials provided with the # distribution. # # THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, # THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, # OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT # OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # include("compat.inc"); if (description) { script_id(21790); script_version("1.21"); script_cvs_date("Date: 2019/08/02 13:32:38"); script_cve_id("CVE-2006-3242"); script_bugtraq_id(18642); script_name(english:"FreeBSD : mutt -- Remote Buffer Overflow Vulnerability (d2a43243-087b-11db-bc36-0008743bf21a)"); script_summary(english:"Checks for updated packages in pkg_info output"); script_set_attribute( attribute:"synopsis", value: "The remote FreeBSD host is missing one or more security-related updates." ); script_set_attribute( attribute:"description", value: "SecurityFocus reports : Mutt is prone to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely crash the application, denying further service to legitimate users." ); # http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commit;h=dc0272b749f0e2b102973b7ac43dbd3908507540 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fc3f05e9" ); # https://vuxml.freebsd.org/freebsd/d2a43243-087b-11db-bc36-0008743bf21a.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2fc568a6" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ja-mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:ja-mutt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mutt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mutt-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mutt-devel-lite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mutt-lite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:mutt-ng"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:zh-mutt-devel"); script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd"); script_set_attribute(attribute:"vuln_publication_date", value:"2006/06/26"); script_set_attribute(attribute:"patch_publication_date", value:"2006/06/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2006/07/03"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"FreeBSD Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info"); exit(0); } include("audit.inc"); include("freebsd_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD"); if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (pkg_test(save_report:TRUE, pkg:"mutt<=1.4.2.1_2")) flag++; if (pkg_test(save_report:TRUE, pkg:"mutt-lite<=1.4.2.1_2")) flag++; if (pkg_test(save_report:TRUE, pkg:"mutt-devel<=1.5.11_2")) flag++; if (pkg_test(save_report:TRUE, pkg:"mutt-devel-lite<=1.5.11_2")) flag++; if (pkg_test(save_report:TRUE, pkg:"ja-mutt<=1.4.2.1.j1")) flag++; if (pkg_test(save_report:TRUE, pkg:"zh-mutt-devel<=1.5.11_20040617")) flag++; if (pkg_test(save_report:TRUE, pkg:"ja-mutt-devel<=1.5.6.j1_2")) flag++; if (pkg_test(save_report:TRUE, pkg:"mutt-ng<=20060501")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Oval
accepted | 2013-04-29T04:09:06.927-04:00 | ||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||
contributors |
| ||||||||||||||||||||
definition_extensions |
| ||||||||||||||||||||
description | Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. | ||||||||||||||||||||
family | unix | ||||||||||||||||||||
id | oval:org.mitre.oval:def:10826 | ||||||||||||||||||||
status | accepted | ||||||||||||||||||||
submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||||||||||
title | Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server. | ||||||||||||||||||||
version | 26 |
Redhat
advisories |
| ||||||||||||||||||||||||||||||||||||||
rpms |
|
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 18642 CVE(CAN) ID: CVE-2006-3242 Mutt是一个小型但功能强大的基于文本的MIME邮件客户端。 Mutt处理畸形邮件时存在漏洞,远程攻击者可能利用此漏洞在客户端上执行任意指令。 Mutt的browse.c文件的browse_get_namespace()函数中存在缓冲区溢出漏洞。如果恶意的IMAP服务器向Mutt发送了超长的名称空间的话,就会触发这个漏洞,导致客户端崩溃或执行任意指令。 Mutt Mutt 1.4.2 Gentoo Linux 厂商补丁: Mutt ---- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commitdiff;h=dc0272b749f0e2b102973b7ac43dbd3908507540 target=_blank>http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commitdiff;h=dc0272b749f0e2b102973b7ac43dbd3908507540</a> Gentoo ------ Gentoo已经为此发布了一个安全公告(GLSA-200606-27)以及相应补丁: GLSA-200606-27:Mutt: Buffer overflow 链接:<a href=http://security.gentoo.org/glsa/glsa-200606-27.xml target=_blank>http://security.gentoo.org/glsa/glsa-200606-27.xml</a> 所有Mutt用户都应升级到最新版本: # emerge --sync # emerge --ask --oneshot --verbose ">=mail-client/mutt-1.5.11-r2" |
id | SSV:2740 |
last seen | 2017-11-19 |
modified | 2007-12-31 |
published | 2007-12-31 |
reporter | Root |
title | Mutt BROWSE_GET_NAMESPACE IMAP名称空间处理远程溢出漏洞 |
References
- http://dev.mutt.org/cgi-bin/viewcvs.cgi/mutt/imap/browse.c?r1=1.34.2.2&r2=1.34.2.3
- http://www.securityfocus.com/bid/18642
- http://secunia.com/advisories/20810
- http://www.gentoo.org/security/en/glsa/glsa-200606-27.xml
- http://secunia.com/advisories/20854
- http://secunia.com/advisories/20879
- http://secunia.com/advisories/20836
- https://issues.rpath.com/browse/RPL-471
- http://secunia.com/advisories/20895
- http://www.trustix.org/errata/2006/0038
- http://secunia.com/advisories/20887
- http://www.debian.org/security/2006/dsa-1108
- http://www.redhat.com/support/errata/RHSA-2006-0577.html
- http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.013-mutt.html
- http://securitytracker.com/id?1016482
- http://secunia.com/advisories/21039
- http://www.novell.com/linux/security/advisories/2006_16_sr.html
- http://secunia.com/advisories/21124
- ftp://patches.sgi.com/support/free/security/advisories/20060701-01-U
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.472221
- http://secunia.com/advisories/21135
- http://secunia.com/advisories/21220
- http://secunia.com/advisories/20960
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:115
- http://www.vupen.com/english/advisories/2006/2522
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27428
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10826
- https://usn.ubuntu.com/307-1/
- http://www.securityfocus.com/archive/1/438712/100/0/threaded
- http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git%3Ba=commit%3Bh=dc0272b749f0e2b102973b7ac43dbd3908507540