← back
CVE-2006-5297

CVE-2006-5297

EPSS 0.3%
Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=mutt-dev&m=115999486426292&w=2http://secunia.com/advisories/22613http://secunia.com/advisories/22640http://secunia.com/advisories/22685http://secunia.com/advisories/22686http://secunia.com/advisories/25529https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10601http://www.mandriva.com/security/advisories?name=MDKSA-2006:190http://www.redhat.com/support/errata/RHSA-2007-0386.htmlhttp://www.securityfocus.com/bid/20733http://www.trustix.org/errata/2006/0061/http://www.ubuntu.com/usn/usn-373-1