MandrivaUsers.org > Security Advisory (MDKSA-2003:041-1): mutt

Full Version: Security Advisory (MDKSA-2003:041-1): mutt

MandrivaUsers.org > Announcements > Mandriva Security Advisories

aru

Apr 3 2003, 04:22 PM

MandrakeSoft Security Advisory MDKSA-2003:041-1 : mutt

April 3rd, 2003
Updated mutt packages fix exploitable buffer overflow

A vulnerability was discovered in the mutt text-mode email client in the IMAP code. This vulnerability can be exploited by a malicious IMAP server to crash mutt or even execute arbitrary code with the privilege of the user running mutt.

Update:

The packages for Mandrake Linux 9.1 and 9.1/PPC were not GPG-signed.This has been fixed and as a result the md5sums have changed. Thanks to Mark Lyda for pointing this out.

The released versions of Mandrake GNU/Linux affected are:[list] 9.1

[*] 9.1/PPC [list]
Full information about this advisory, including the updated packages, is available at:
www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:041-1

Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2003-0140

[size=9]Posted automatically by aru (mdksec2mub v0.0.5)

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.