drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in mutt
| Name: |
Pufferüberlauf in mutt
|
|
| ID: |
|
|
| Distribution: |
Slackware |
|
| Plattformen: |
Slackware 8.1, Slackware 9.0 |
|
| Datum: |
Mo, 31. März 2003, 13:00 |
|
| Referenzen: |
Keine Angabe |
|
| Applikationen: |
mutt |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] Mutt buffer overflow in IMAP support
The mutt mail client packages in Slackware 8.1 and 9.0 have been
upgraded to mutt-1.4.1i to fix a security problem discovered by
Core Security Technologies. This issue may allow a remote
attacker controlling a malicious IMAP server to execute code on
your machine as the user running mutt if you connect to the IMAP
server using mutt.
All sites running mutt are advised to upgrade.
More information on the problem can be found here:
http://www.coresecurity.com/common/showdoc.php?idx=310&idxseccion=10
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Sat Mar 29 13:46:36 PST 2003
patches/packages/mutt-1.4.1i-i386-1.tgz: Upgraded to mutt-1.4.1i.
From www.mutt.org:
Mutt 1.4.1 and 1.5.4 were released on March 19, 2003. These
releases both fix a buffer overflow identified by Core Security
Technologies. The only differences between 1.4 and 1.4.1 are bug
fixes. If you are currently using 1.4, it's probably a very good
idea to update.
(* Security fix *)
+--------------------------+
WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+
Updated package for Slackware 8.1:
mutt-1.4.1i-i386-1.tgz
Updated package for Slackware 9.0:
mutt-1.4.1i-i386-1.tgz
MD5 SIGNATURES:
+-------------+
Here are the md5sums for the packages:
Slackware 8.1 package:
e39aa947e54ffe27b44f7f5a8c7d3eed mutt-1.4.1i-i386-1.tgz
Slackware 9.0 package:
cde2991aaa4d41fb82a983555b347e64 mutt-1.4.1i-i386-1.tgz
INSTALLATION INSTRUCTIONS:
+------------------------+
Upgrade mutt using upgradepkg (as root):
upgradepkg mutt-1.4.1i-i386-1.tgz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+hjGEakRjwEAQIjMRAsNTAJ0WkrYLCjcQdH7RSBUEsXhz+hqGhACfVT6E
80yDdyVULB+E+EBbbe79egs=
=32Dh
-----END PGP SIGNATURE-----
|
|
|
|
