Mutt IMAP远程文件夹缓冲区溢出漏洞发布时间:2003-03-28 更新时间:2003-04-07 严重程度:高 威胁程度:普通用户访问权限 错误类型:边界检查错误 利用方式:服务器模式 BUGTRAQ ID:7229 CVE(CAN) ID:CAN-2003-0167 受影响系统 Mutt Mutt 1.2.5详细描述 Mutt存在一个缓冲区溢出漏洞。 Mutt提供一个功能,允许远程用户通过IMAP文件夹读取邮件。IMAP服务器上特殊构建的文件夹可能触发缓冲区溢出导致Mutt客户端崩溃,精心构建的文件夹数据可能以用户进程权限在系统上执行任意指令。 目前还没有该漏洞的详细信息。 解决方案 Mutt Mutt 1.2.5: Debian Upgrade mutt_1.2.5-5.2_alpha.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.2.5-5.2_alpha.deb Debian Upgrade mutt_1.2.5-5.2_arm.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.2.5-5.2_arm.deb Debian Upgrade mutt_1.2.5-5.2_i386.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.2.5-5.2_i386.deb Debian Upgrade mutt_1.2.5-5.2_m68k.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.2.5-5.2_m68k.deb Debian Upgrade mutt_1.2.5-5.2_powerpc.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.2.5-5.2_powerpc.deb Debian Upgrade mutt_1.2.5-5.2_sparc.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.2.5-5.2_sparc.deb Mutt Mutt 1.3.12 -1: Mutt Mutt 1.3.12: Mutt Mutt 1.3.16: Mutt Mutt 1.3.17: Mutt Mutt 1.3.22: Mutt Mutt 1.3.24: Mutt Mutt 1.3.25: Mutt Mutt 1.3.27: Mutt Mutt 1.3.28: Debian Upgrade mutt-utf8_1.3.28-2.2_sparc.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_sparc.deb Debian Upgrade mutt_1.3.28-2.2_sparc.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_sparc.deb Debian Upgrade mutt-utf8_1.3.28-2.2_s390.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_s390.deb Debian Upgrade mutt_1.3.28-2.2_s390.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_s390.deb Debian Upgrade mutt-utf8_1.3.28-2.2_powerpc.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_powerpc.deb Debian Upgrade mutt_1.3.28-2.2_powerpc.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_powerpc.deb Debian Upgrade mutt-utf8_1.3.28-2.2_mipsel.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_mipsel.deb Debian Upgrade mutt_1.3.28-2.2_mipsel.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_mipsel.deb Debian Upgrade mutt-utf8_1.3.28-2.2_mips.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_mips.deb Debian Upgrade mutt_1.3.28-2.2_mips.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_mips.deb Debian Upgrade mutt-utf8_1.3.28-2.2_m68k.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_m68k.deb Debian Upgrade mutt_1.3.28-2.2_m68k.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_m68k.deb Debian Upgrade mutt-utf8_1.3.28-2.2_hppa.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_hppa.deb Debian Upgrade mutt_1.3.28-2.2_hppa.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_hppa.deb Debian Upgrade mutt-utf8_1.3.28-2.2_ia64.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_ia64.deb Debian Upgrade mutt_1.3.28-2.2_ia64.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_ia64.deb Debian Upgrade mutt-utf8_1.3.28-2.2_i386.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_i386.deb Debian Upgrade mutt_1.3.28-2.2_i386.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_i386.deb Debian Upgrade mutt-utf8_1.3.28-2.2_arm.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_arm.deb Debian Upgrade mutt_1.3.28-2.2_arm.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_arm.deb Debian Upgrade mutt-utf8_1.3.28-2.2_alpha.deb http://security.debian.org/pool/updates/main/m/mutt/mutt-utf8_1.3.28-2.2_alpha.deb Debian Upgrade mutt_1.3.28-2.2_alpha.deb http://security.debian.org/pool/updates/main/m/mutt/mutt_1.3.28-2.2_alpha.deb 相关信息 报告:Byrial Jensen 相关资料:http://online.securityfocus.com/advisories/5189 http://online.securityfocus.com/advisories/5238 |
