Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3242

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3242
Last Modified 07 Mar 2011 09:38:09
Published 27 Jun 2006 06:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3242

Summary

Stack-based buffer overflow in the browse_get_namespace function in imap/browse.c of Mutt 1.4.2.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via long namespaces received from the IMAP server.

Vulnerable Systems

Application

  • Mutt 1.4.2

  • Mutt 1.4.2.1


References

VUPEN - ADV-2006-2522

BID - 18642

SECUNIA - 20810

CONFIRM - http://dev.mutt.org/cgi-bin/viewcvs.cgi/mutt/imap/browse.c?r1=1.34.2.2&r2=1.34.2.3

CONFIRM - http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commit;h=dc0272b749f0e2b102973b7ac43dbd3908507540

CONFIRM - https://issues.rpath.com/browse/RPL-471

XF - mutt-imap-namespace-bo(27428)

UBUNTU - USN-307-1

TRUSTIX - 2006-0038

BUGTRAQ - 20060629 rPSA-2006-0116-1 mutt

REDHAT - RHSA-2006:0577

OPENPKG - OpenPKG-SA-2006.013

SUSE - SUSE-SR:2006:016

MANDRIVA - MDKSA-2006:115

GENTOO - GLSA-200606-27

DEBIAN - DSA-1108

SLACKWARE - SSA:2006-207-01

SECTRACK - 1016482

SECUNIA - 21220

SECUNIA - 21135

SECUNIA - 21124

SECUNIA - 21039

SECUNIA - 20960

SECUNIA - 20895

SECUNIA - 20887

SECUNIA - 20879

SECUNIA - 20854

SECUNIA - 20836

SGI - 20060701-01-U


Last Updated: 27 May 2016 10:42:56