CVE-2006-5297

Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.

CVSS v2.0 1.2 LOW

1.2^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 1.9 / Impact : 2.9

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/20733
http://secunia.com/advisories/22613
http://secunia.com/advisories/22640
http://www.ubuntu.com/usn/usn-373-1
http://secunia.com/advisories/22686
http://www.trustix.org/errata/2006/0061/
http://secunia.com/advisories/22685
http://www.mandriva.com/security/advisories?name=MDKSA-2006:190
http://www.redhat.com/support/errata/RHSA-2007-0386.html
http://secunia.com/advisories/25529
http://www.vupen.com/english/advisories/2006/4176
http://marc.info/?l=mutt-dev&m=115999486426292&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mutt:mutt:1.2.1:::::::*
	cpe:2.3:a:mutt:mutt:1.2.5:::::::*
	cpe:2.3:a:mutt:mutt:1.3.12.1:::::::*
	cpe:2.3:a:mutt:mutt:1.3.16:::::::*
	cpe:2.3:a:mutt:mutt:1.4.0:::::::*
	cpe:2.3:a:mutt:mutt:1.4.1:::::::*
	cpe:2.3:a:mutt:mutt:0.95.6:::::::*
	cpe:2.3:a:mutt:mutt:1.2.5.5:::::::*
	cpe:2.3:a:mutt:mutt:1.3.12:::::::*
	cpe:2.3:a:mutt:mutt:1.3.27:::::::*
	cpe:2.3:a:mutt:mutt:1.3.28:::::::*
	cpe:2.3:a:mutt:mutt:1.4.2.1:::::::*
	cpe:2.3:a:mutt:mutt:1.3.25:::::::*
	cpe:2.3:a:mutt:mutt::::::::
	cpe:2.3:a:mutt:mutt:1.3.22:::::::*
	cpe:2.3:a:mutt:mutt:1.2.5.12:::::::*
	cpe:2.3:a:mutt:mutt:1.2.5.1:::::::*
	cpe:2.3:a:mutt:mutt:1.2.5.4:::::::*
	cpe:2.3:a:mutt:mutt:1.3.24:::::::*
	cpe:2.3:a:mutt:mutt:1.4.2:::::::*
	cpe:2.3:a:mutt:mutt:1.3.17:::::::*
	cpe:2.3:a:mutt:mutt:1.5.3:::::::*
	cpe:2.3:a:mutt:mutt:1.2.5.12_ol:::::::*
	cpe:2.3:a:mutt:mutt:1.5.10:::::::*

Information

Published : 2006-10-16 12:07

Updated : 2017-10-10 18:31

NVD link : CVE-2006-5297

Mitre link : CVE-2006-5297

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

mutt

mutt

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/20733", "name": "20733", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/22613", "name": "22613", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/22640", "name": "22640", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.ubuntu.com/usn/usn-373-1", "name": "USN-373-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://secunia.com/advisories/22686", "name": "22686", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.trustix.org/errata/2006/0061/", "name": "2006-0061", "tags": [], "refsource": "TRUSTIX"}, {"url": "http://secunia.com/advisories/22685", "name": "22685", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:190", "name": "MDKSA-2006:190", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://www.redhat.com/support/errata/RHSA-2007-0386.html", "name": "RHSA-2007:0386", "tags": [], "refsource": "REDHAT"}, {"url": "http://secunia.com/advisories/25529", "name": "25529", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2006/4176", "name": "ADV-2006-4176", "tags": [], "refsource": "VUPEN"}, {"url": "http://marc.info/?l=mutt-dev&m=115999486426292&w=2", "name": "[mutt-dev] 20061004 security problem with temp files [was Re: mutt_adv_mktemp() ?]", "tags": [], "refsource": "MLIST"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601", "name": "oval:org.mitre.oval:def:10601", "tags": [], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-5297", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 1.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-10-16T19:07Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.12.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:0.95.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.5.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.4.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.5.12"}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.5.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.5.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.3.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.5.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.2.5.12_ol:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:mutt:mutt:1.5.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-10-11T01:31Z"}