OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Philip J. Koenig (pjklistekahuna.com)
Date: Fri Jan 04 2002 - 20:40:00 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I got this today:

    >=== FreeBSD-SA-02:04 Security Advisory FreeBSD, Inc.
    >
    > Topic: mutt ports contain remotely exploitable buffer overflow
    >
    > Category: ports
    > Module: mutt
    > Announced: 2002-01-04
    > Credits: Joost Pol <joostcontempt.nl>
    > Affects: Ports collection prior to the correction date
    > Corrected: 2002-01-02 13:52:03 UTC (ports/mail/mutt: 1.2.x)
    > 2002-01-02 03:39:01 UTC (ports/mail/mutt-devel: 1.3.x)
    > FreeBSD only: NO
    >
    > I. Background
    >
    > Mutt is a small but very powerful text-based mail client for Unix
    > operating systems.
    >
    > II. Problem Description
    >
    > The mutt ports, versions prior to mutt-1.2.25_1 and
    > mutt-devel-1.3.24_2, contain a buffer overflow in the handling of
    > email addresses in headers.

    Shall I assume the "1.2.25_1" string above is a typo? Is it really
    the versions prior to 1.2.5_1? Because I would think 1.2.2x seems to
    be pretty old at this point.

    Phil 

    --
Philip J. Koenig                                       pjklistekahuna.com
Electric Kahuna Systems -- Computers & Communications for the New Millenium

    To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message