Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:18
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=mutt-dev&m=115999486426292&w=2 - | |
References | () http://secunia.com/advisories/22613 - | |
References | () http://secunia.com/advisories/22640 - | |
References | () http://secunia.com/advisories/22685 - | |
References | () http://secunia.com/advisories/22686 - | |
References | () http://secunia.com/advisories/25529 - | |
References | () http://www.mandriva.com/security/advisories?name=MDKSA-2006:190 - | |
References | () http://www.redhat.com/support/errata/RHSA-2007-0386.html - | |
References | () http://www.securityfocus.com/bid/20733 - | |
References | () http://www.trustix.org/errata/2006/0061/ - | |
References | () http://www.ubuntu.com/usn/usn-373-1 - | |
References | () http://www.vupen.com/english/advisories/2006/4176 - | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601 - |
Information
Published : 2006-10-16 19:07
Updated : 2024-11-21 00:18
NVD link : CVE-2006-5297
Mitre link : CVE-2006-5297
CVE.ORG link : CVE-2006-5297
JSON object : View
Products Affected
mutt
- mutt
CWE