[Full-disclosure] rPSA-2007-0114-1 mutt
rPath Update Announcements
announce-noreply at rpath.com
Mon Jun 4 22:41:14 BST 2007
rPath Security Advisory: 2007-0114-1
Products: rPath Linux 1
Exposure Level Classification:
Local User Deterministic Privilege Escalation
mutt=/conary.rpath.com at rpl:devel//1/18.104.22.168-0.1-1
In previous versions of the mutt package, it is possible for an attacker
to subvert other local users' mutt processes causing them to run
attacker-provided code. Additionally, it is possible for a hostile server
masquerading as a user's APOP server to determine some characters from a
Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
Full-Disclosure is hosted and sponsored by Secunia.