• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Mutt Address Handling Buffer Overflow Vulnerability

Solution:
Users of HP Secure OS software for Linux Release 1.0 have been advised to download the appropriate patch given for Red Hat Linux 7.1. For details, refer to advisory HPSBTL0201-011, listed in the references section.

Updated versions are available:


Mutt Mutt 0.93.2

• Mutt mutt-1.2.5.1.tar.gz
  ftp://ftp.mutt.org/pub/mutt/mutt-1.2.5.1.tar.gz

Mutt Mutt 1.0.1

• Conectiva ecommerce mutt-1.2.5-7U50_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/mutt-1. 2.5-7U50_1cl.i386.rpm


• Conectiva graficas mutt-1.2.5-7U50_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/mutt-1.2 .5-7U50_1cl.i386.rpm


• Conectiva mutt-1.2.5-7U50_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/5.0/i386/mutt-1.2.5-7U50_1cl.i386. rpm


• Conectiva mutt-1.2.5-7U51_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/5.1/i386/mutt-1.2.5-7U51_1cl.i386. rpm


• Mutt mutt-1.2.5.1.tar.gz
  ftp://ftp.mutt.org/pub/mutt/mutt-1.2.5.1.tar.gz


• Red Hat 6.2 alpha mutt-1.2.5.1-0.6.alpha.rpm
  ftp://updates.redhat.com/6.2/en/os/alpha/mutt-1.2.5.1-0.6.alpha.rpm


• Red Hat 6.2 i386 mutt-1.2.5.1-0.6.i386.rpm
  ftp://updates.redhat.com/6.2/en/os/i386/mutt-1.2.5.1-0.6.i386.rpm


• Red Hat 6.2 sparc mutt-1.2.5.1-0.6.sparc.rpm
  ftp://updates.redhat.com/6.2/en/os/sparc/mutt-1.2.5.1-0.6.sparc.rpm


• S.u.S.E. mutt-1.0.1i-30.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/6.4/n1/mutt-1.0.1i-30.i386.rpm


• S.u.S.E. mutt-1.0.1i-30.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/6.4/n1/mutt-1.0.1i-30.ppc.rpm

Mutt Mutt 1.2.5

• Caldera mutt-1.2.5-12.i386
  ftp://ftp.caldera.com/pub/updates/eDesktop/2.4/current/RPMS/mutt-1.2.5 -12.i386.rpm


• Caldera mutt-1.2.5-12.i386
  ftp://ftp.caldera.com/pub/updates/eServer/2.3/current/RPMS/mutt-1.2.5- 12.i386.rpm


• Caldera mutt-1.2.5-12.i386
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Server/current/RPMS/ mutt-1.2.5-12.i386.rpm


• Caldera mutt-1.2.5-12.i386
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Server/current/RPMS/mu tt-1.2.5-12.i386.rpm


• Caldera mutt-1.2.5-12.i386
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/Workstation/current/RP MS/mutt-1.2.5-12.i386.rpm


• Caldera mutt-1.2.5-12.i386
  tp://ftp.caldera.com/pub/updates/OpenLinux/3.1.1/Workstation/current/R PMS/mutt-1.2.5-12.i386.rpm


• Caldera mutt-1.2.5-12.ia64
  ftp://ftp.caldera.com/pub/updates/OpenLinux/3.1/IA64/current/RPMS/mutt -1.2.5-12.ia64.rpm


• Caldera mutt-1.2.5-12OL.i386
  ftp://ftp.caldera.com/pub/updates/OpenLinux/2.3/current/RPMS/mutt-1.2. 5-12OL.i386.rpm


• Conectiva mutt-1.2.5-7U60_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/6.0/RPMS/mutt-1.2.5-7U60_1cl.i386. rpm


• Debian mutt_1.2.5-5_alpha.deb
  http://security.debian.org/dists/stable/updates/main/binary-alpha/mutt _1.2.5-5_alpha.deb


• Debian mutt_1.2.5-5_arm.deb
  http://security.debian.org/dists/stable/updates/main/binary-arm/mutt_1 .2.5-5_arm.deb


• Debian mutt_1.2.5-5_i386.deb
  http://security.debian.org/dists/stable/updates/main/binary-i386/mutt_ 1.2.5-5_i386.deb


• Debian mutt_1.2.5-5_m68k.deb
  http://security.debian.org/dists/stable/updates/main/binary-m68k/mutt_ 1.2.5-5_m68k.deb


• Debian mutt_1.2.5-5_powerpc.deb
  http://security.debian.org/dists/stable/updates/main/binary-powerpc/mu tt_1.2.5-5_powerpc.deb


• Debian mutt_1.2.5-5_sparc.deb
  http://security.debian.org/dists/stable/updates/main/binary-sparc/mutt _1.2.5-5_sparc.deb


• FreeBSD ports-4 i386 mutt-1.2.5_1.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/mail/mu tt-1.2.5_1.tgz


• FreeBSD ports-5 i386 mutt-1.2.5_1.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/mail/m utt-1.2.5_1.tgz


• Mutt mutt-1.2.5.1.tar.gz
  ftp://ftp.mutt.org/pub/mutt/mutt-1.2.5.1.tar.gz


• Red Hat 7.0 alpha mutt-1.2.5.1-0.7.alpha.rpm
  ftp://updates.redhat.com/7.0/en/os/alpha/mutt-1.2.5.1-0.7.alpha.rpm


• Red Hat 7.0 i386 mutt-1.2.5.1-0.7.i386.rpm
  ftp://updates.redhat.com/7.0/en/os/i386/mutt-1.2.5.1-0.7.i386.rpm


• Red Hat 7.0J i386 mutt-1.2.5.1-0.7j.i386.rpm
  ftp://updates.redhat.com/7.0/ja/os/i386/mutt-1.2.5.1-0.7j.i386.rpm


• Red Hat 7.1 alpha mutt-1.2.5.1-0.7.alpha.rpm
  ftp://updates.redhat.com/7.1/en/os/alpha/mutt-1.2.5.1-0.7.alpha.rpm


• Red Hat 7.1 i386 mutt-1.2.5.1-0.7.i386.rpm
  ftp://updates.redhat.com/7.1/en/os/i386/mutt-1.2.5.1-0.7.i386.rpm


• Red Hat 7.1 ia64 mutt-1.2.5.1-0.7.ia64.rpm
  ftp://updates.redhat.com/7.1/en/os/ia64/mutt-1.2.5.1-0.7.ia64.rpm


• Red Hat 7.2 i386 mutt-1.2.5.1-1.i386.rpm
  ftp://updates.redhat.com/7.2/en/os/i386/mutt-1.2.5.1-1.i386.rpm


• Red Hat 7.2 ia64 mutt-1.2.5.1-1.ia64.rpm
  ftp://updates.redhat.com/7.2/en/os/ia64/mutt-1.2.5.1-1.ia64.rpm


• S.u.S.E. mutt-1.2.5i-12.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.0/n1/mutt-1.2.5i-12.ppc.rpm


• S.u.S.E. mutt-1.2.5i-38.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.0/n1/mutt-1.2.5i-38.i386.rpm


• S.u.S.E. mutt-1.2.5i-6.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.0/n1/mutt-1.2.5i-6.sparc.rp m


• Trustix Secure Linux 1.2 mutt-1.2.5i.1-1tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/1.2/RPMS/mutt-1.2.5i.1-1tr. i586.rpm


• Trustix Secure Linux 1.5 mutt-1.2.5i.1-1tr.i586.rpm
  http://www.trustix.net/pub/Trustix/updates/1.5/RPMS/mutt-1.2.5i.1-1tr. i586.rpm

Mutt Mutt 1.3.12

• S.u.S.E. mutt-1.3.12i-5.alpha.rpm
  ftp://ftp.suse.com/pub/suse/axp/update/7.1/n1/mutt-1.3.12i-5.alpha.rpm


• S.u.S.E. mutt-1.3.12i-51.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.1/n1/mutt-1.3.12i-51.i386.rp m


• S.u.S.E. mutt-1.3.12i-6.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.1/n1/mutt-1.3.12i-6.sparc.r pm

Mutt Mutt 1.3.16

• S.u.S.E. mutt-1.3.16i-71.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.2/n1/mutt-1.3.16i-71.i386.rp m

Mutt Mutt 1.3.17

• Conectiva mutt-1.3.17-8U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mutt-1.3.17-8U70_1cl.i386 .rpm


• Conectiva mutt-doc-1.3.17-8U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mutt-doc-1.3.17-8U70_1cl. i386.rpm


• Conectiva mutt-help-1.3.17-8U70_1cl.i386.rpm
  ftp://atualizacoes.conectiva.com.br/7.0/RPMS/mutt-help-1.3.17-8U70_1cl .i386.rpm

Mutt Mutt 1.3.22

• S.u.S.E. mutt-1.3.22.1i-105.i386.rpm
  ftp://ftp.suse.com/pub/suse/i386/update/7.3/n1/mutt-1.3.22.1i-105.i386 .rpm


• S.u.S.E. mutt-1.3.22.1i-27.sparc.rpm
  ftp://ftp.suse.com/pub/suse/sparc/update/7.3/n1/mutt-1.3.22.1i-27.spar c.rpm


• S.u.S.E. mutt-1.3.22.1i-63.ppc.rpm
  ftp://ftp.suse.com/pub/suse/ppc/update/7.3/n1/mutt-1.3.22.1i-63.ppc.rp m

Mutt Mutt 1.3.24

• FreeBSD ports-4 i386 mutt-devel-1.3.24_2.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/mail/mu tt-devel-1.3.24_2.tgz


• FreeBSD ports-5 i386 mutt-devel-1.3.24_2.tgz
  ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/mail/m utt-devel-1.3.24_2.tgz


• Mutt mutt-1.3.25i.tar.gz
  ftp://ftp.mutt.org/pub/mutt/mutt-1.3.25i.tar.gz