• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mutt Insecure Temporary File Creation Multiple Vulnerabilities

Bugtraq ID:	20733
Class:	Race Condition Error
CVE:	CVE-2006-5297 CVE-2006-5298
Remote:	No
Local:	Yes
Published:	Oct 25 2006 12:00AM
Updated:	Jun 08 2007 05:00PM
Credit:	Derek D. Martin is credited with the discovery of these vulnerabilities.
Vulnerable:	Ubuntu Ubuntu Linux 5.10 sparc Ubuntu Ubuntu Linux 5.10 powerpc Ubuntu Ubuntu Linux 5.10 i386 Ubuntu Ubuntu Linux 5.10 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 Trustix Secure Linux 3.0 Trustix Secure Linux 2.2 Trustix Operating System Enterprise Server 2.0 SGI ProPack 3.0 SP6 RedHat Fedora Core6 RedHat Fedora Core5 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux AS 4 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux 5 server RedHat Desktop 4.0 RedHat Desktop 3.0 Mutt Mutt 1.5.12 Mutt Mutt 1.5.11 Mutt Mutt 1.5.10 Mutt Mutt 1.5.9 Mutt Mutt 1.5.6 Mutt Mutt 1.5.5 Mutt Mutt 1.5.4 Mutt Mutt 1.5.3 Mutt Mutt 1.4.2 + Netwosix Netwosix Linux 1.0 Mutt Mutt 1.4.2 Mutt Mutt 1.4.1 + Slackware Linux 9.1 + Slackware Linux 9.0 + Slackware Linux 8.1 + Trustix Secure Linux 2.0 Mutt Mutt 1.4 .0 + MandrakeSoft Corporate Server 2.1 x86_64 + MandrakeSoft Corporate Server 2.1 + MandrakeSoft Linux Mandrake 9.2 amd64 + MandrakeSoft Linux Mandrake 9.2 + MandrakeSoft Linux Mandrake 9.1 ppc + MandrakeSoft Linux Mandrake 9.1 + MandrakeSoft Linux Mandrake 9.0 + Netwosix Netwosix Linux 1.0 + OpenPKG OpenPKG 1.2 + OpenPKG OpenPKG 1.1 + OpenPKG OpenPKG Current + RedHat Linux 8.0 i686 + RedHat Linux 8.0 i386 + RedHat Linux 8.0 + S.u.S.E. Linux 8.1 Mutt Mutt 1.3.28 + Debian Linux 3.0 sparc + Debian Linux 3.0 s/390 + Debian Linux 3.0 ppc + Debian Linux 3.0 mipsel + Debian Linux 3.0 mips + Debian Linux 3.0 m68k + Debian Linux 3.0 ia-64 + Debian Linux 3.0 ia-32 + Debian Linux 3.0 hppa + Debian Linux 3.0 arm + Debian Linux 3.0 alpha + Debian Linux 3.0 + MandrakeSoft Linux Mandrake 8.2 ppc + MandrakeSoft Linux Mandrake 8.2 Mutt Mutt 1.3.27 + S.u.S.E. Linux 8.0 i386 + S.u.S.E. Linux 8.0 Mutt Mutt 1.3.25 Mutt Mutt 1.3.24 Mutt Mutt 1.3.22 + S.u.S.E. Linux 7.3 sparc + S.u.S.E. Linux 7.3 ppc + S.u.S.E. Linux 7.3 i386 + S.u.S.E. Linux 7.3 Mutt Mutt 1.3.17 + Conectiva Linux 7.0 Mutt Mutt 1.3.16 + S.u.S.E. Linux 7.2 i386 + S.u.S.E. Linux 7.2 Mutt Mutt 1.3.12 -1 Mutt Mutt 1.3.12 + S.u.S.E. Linux 7.1 x86 + S.u.S.E. Linux 7.1 sparc + S.u.S.E. Linux 7.1 ppc + S.u.S.E. Linux 7.1 alpha Mutt Mutt 1.2.5 .1 Mutt Mutt 1.2.5 -5 Mutt Mutt 1.2.5 -4 Mutt Mutt 1.2.5 -12OL - Caldera OpenLinux 2.3 Mutt Mutt 1.2.5 -12 - Caldera OpenLinux eBuilder 3.0 - Caldera OpenLinux Server 3.1.1 - Caldera OpenLinux Server 3.1 - Caldera OpenLinux Workstation 3.1.1 - Caldera OpenLinux Workstation 3.1 - SCO eDesktop 2.4 - SCO eServer 2.3.1 Mutt Mutt 1.2.5 -1 Mutt Mutt 1.2.5 + Caldera OpenLinux 3.1 -IA64 + Caldera OpenLinux 2.3 + Caldera OpenLinux eBuilder 3.0 + Caldera OpenLinux Server 3.1.1 + Caldera OpenLinux Server 3.1 + Caldera OpenLinux Workstation 3.1.1 + Caldera OpenLinux Workstation 3.1 + Conectiva Linux 6.0 + Debian Linux 2.2 sparc + Debian Linux 2.2 powerpc + Debian Linux 2.2 IA-32 + Debian Linux 2.2 arm + Debian Linux 2.2 alpha + Debian Linux 2.2 68k + HP Secure OS software for Linux 1.0 + RedHat Linux 7.2 ia64 + RedHat Linux 7.2 i386 + RedHat Linux 7.1 ia64 + RedHat Linux 7.1 i386 + RedHat Linux 7.1 alpha + RedHat Linux 7.0 J i386 + RedHat Linux 7.0 sparc + RedHat Linux 7.0 i386 + RedHat Linux 7.0 alpha + SCO eDesktop 2.4 + SCO eServer 2.3.1 + Trustix Secure Linux 1.5 + Trustix Secure Linux 1.2 Mutt Mutt 1.2 -1 Mutt Mutt 1.1.12 -1 Mutt Mutt 1.1.9 -1 Mutt Mutt 1.1.5 -1 Mutt Mutt 1.1.4 -1 Mutt Mutt 1.1.3 -1 Mutt Mutt 1.1.2 -2 Mutt Mutt 1.1.2 -1 Mutt Mutt 1.1.1 -1 Mutt Mutt 1.0.1 + Conectiva Linux 5.1 + Conectiva Linux 5.0 + Conectiva Linux 4.2 + Conectiva Linux 4.1 + Conectiva Linux 4.0 es + Conectiva Linux 4.0 + Conectiva Linux graficas + Conectiva Linux ecommerce + RedHat Linux 6.2 sparc + RedHat Linux 6.2 i386 + RedHat Linux 6.2 alpha + S.u.S.E. Linux 6.4 ppc + S.u.S.E. Linux 6.4 i386 + S.u.S.E. Linux 6.4 alpha Mutt Mutt 1.0 pre3 Mutt Mutt 0.95.6 Mutt Mutt 0.93.2 (i) Mutt Mutt 0.93.2 + RedHat Linux 5.2 sparc + RedHat Linux 5.2 i386 + RedHat Linux 5.2 alpha Mutt Mutt 0.93.1 (i) Mutt Mutt 1.5.9i Mutt Mutt 1.5.5.1i Mutt Mutt 1.4.2.2 MIT Kerberos 5 0.93.1 (i) MandrakeSoft Linux Mandrake 2006.0 x86_64 MandrakeSoft Linux Mandrake 2006.0 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0
Not Vulnerable: