Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Mandriva Security Update Fixes Mutt Information Disclosure Security Weakness

Title : Mandriva Security Update Fixes Mutt Information Disclosure Security Weakness
VUPEN ID : VUPEN/ADV-2007-2050
CVE ID : CVE-2007-1558
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-05

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

A weakness has been identified in Mandriva, which could be exploited by remote attackers to gain knowledge of sensitive information. This issue is caused by an error in Mutt. For additional information, see : VUPEN/ADV-2007-1467

Affected Products

Mandriva Linux 2007.0
Mandriva Linux 2007.1
Mandriva Corporate 3.0

Solution

Upgrade the affected packages :

Mandriva Linux 2007.0:
b43721e2b31820fd9f5812d5d2ea7709 2007.0/i586/mutt-1.5.11-5.2mdv2007.0.i586.rpm
0a2ecfcd4950075f788a68c16e6a513d 2007.0/i586/mutt-utf8-1.5.11-5.2mdv2007.0.i586.rpm
cb6ce601ab9f3542afcacb09614a4ebd 2007.0/SRPMS/mutt-1.5.11-5.2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
3c26410f2cbed87435c86122095994e0 2007.0/x86_64/mutt-1.5.11-5.2mdv2007.0.x86_64.rpm
c8a815d5f8de4cf548084bbcb0cc4957 2007.0/x86_64/mutt-utf8-1.5.11-5.2mdv2007.0.x86_64.rpm
cb6ce601ab9f3542afcacb09614a4ebd 2007.0/SRPMS/mutt-1.5.11-5.2mdv2007.0.src.rpm

Mandriva Linux 2007.1:
9c4ced2eba202a4f2670d6986ba12d4a 2007.1/i586/mutt-1.5.14-1.1mdv2007.1.i586.rpm
f6db8984bf23a3dfb38ac0aa50fc521f 2007.1/i586/mutt-utf8-1.5.14-1.1mdv2007.1.i586.rpm
4d192718f3b9b508492f6e686e96c27b 2007.1/SRPMS/mutt-1.5.14-1.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
55ddf6e16f45e7d206279c207c51725a 2007.1/x86_64/mutt-1.5.14-1.1mdv2007.1.x86_64.rpm
980c4db7c94c05cf53329b085b0d44d8 2007.1/x86_64/mutt-utf8-1.5.14-1.1mdv2007.1.x86_64.rpm
4d192718f3b9b508492f6e686e96c27b 2007.1/SRPMS/mutt-1.5.14-1.1mdv2007.1.src.rpm

Corporate 3.0:
04fc719b9625069d10f3d8fc8234d0e2 corporate/3.0/i586/mutt-1.5.5.1i-2.3.C30mdk.i586.rpm
e8edc6bc6d2726c87841c26140293f3a corporate/3.0/i586/mutt-utf8-1.5.5.1i-2.3.C30mdk.i586.rpm
a7a4c85f414451f966598bf5ac39e86f corporate/3.0/SRPMS/mutt-1.5.5.1i-2.3.C30mdk.src.rpm

Corporate 3.0/X86_64:
07e8da602972a500108a15dc6e751ebd corporate/3.0/x86_64/mutt-1.5.5.1i-2.3.C30mdk.x86_64.rpm
3f7729407df0c9037c5514c3f9b746fe corporate/3.0/x86_64/mutt-utf8-1.5.5.1i-2.3.C30mdk.x86_64.rpm
a7a4c85f414451f966598bf5ac39e86f corporate/3.0/SRPMS/mutt-1.5.5.1i-2.3.C30mdk.src.rpm

References

http://www.vupen.com/english/advisories/2007/2050
http://archives.mandrivalinux.com/security-announce/2007-06/msg00003.php

ChangeLog

2007-06-05 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy