CVE-2006-5297

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:0.95.6:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.5.4:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.5.5:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.5.12:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.2.5.12_ol:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.12.1:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.16:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.17:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.22:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.24:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.25:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.27:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.3.28:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mutt:mutt:1.5.10:*:*:*:*:*:*:*

History

21 Nov 2024, 00:18

Type Values Removed Values Added
References () http://marc.info/?l=mutt-dev&m=115999486426292&w=2 - () http://marc.info/?l=mutt-dev&m=115999486426292&w=2 -
References () http://secunia.com/advisories/22613 - () http://secunia.com/advisories/22613 -
References () http://secunia.com/advisories/22640 - () http://secunia.com/advisories/22640 -
References () http://secunia.com/advisories/22685 - () http://secunia.com/advisories/22685 -
References () http://secunia.com/advisories/22686 - () http://secunia.com/advisories/22686 -
References () http://secunia.com/advisories/25529 - () http://secunia.com/advisories/25529 -
References () http://www.mandriva.com/security/advisories?name=MDKSA-2006:190 - () http://www.mandriva.com/security/advisories?name=MDKSA-2006:190 -
References () http://www.redhat.com/support/errata/RHSA-2007-0386.html - () http://www.redhat.com/support/errata/RHSA-2007-0386.html -
References () http://www.securityfocus.com/bid/20733 - () http://www.securityfocus.com/bid/20733 -
References () http://www.trustix.org/errata/2006/0061/ - () http://www.trustix.org/errata/2006/0061/ -
References () http://www.ubuntu.com/usn/usn-373-1 - () http://www.ubuntu.com/usn/usn-373-1 -
References () http://www.vupen.com/english/advisories/2006/4176 - () http://www.vupen.com/english/advisories/2006/4176 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601 -

Information

Published : 2006-10-16 19:07

Updated : 2024-11-21 00:18


NVD link : CVE-2006-5297

Mitre link : CVE-2006-5297

CVE.ORG link : CVE-2006-5297


JSON object : View

Products Affected

mutt

  • mutt