CVE-2006-5297 Information
Description
Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier when creating temporary files in an NFS filesystem allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.
Reference
http://marc.info/?l=mutt-dev&m=115999486426292&w=2 http://secunia.com/advisories/22613 http://secunia.com/advisories/22640 http://secunia.com/advisories/22685 http://secunia.com/advisories/22686 http://secunia.com/advisories/25529 http://www.mandriva.com/security/advisories?name=MDKSA-2006:190 http://www.redhat.com/support/errata/RHSA-2007-0386.html http://www.securityfocus.com/bid/20733 http://www.trustix.org/errata/2006/0061/ http://www.ubuntu.com/usn/usn-373-1 http://www.vupen.com/english/advisories/2006/4176 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10601
Share on: