Описание
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
An insecure temporary file vulnerability was found in the way mutt created temporary files under /tmp. Specifically, mutt created temporary files in an insecure way, using only predictable elements such as the hostname, user ID (uid) and process ID (pid). A local attacker could exploit this flaw to create those temporary files beforehand, causing a denial of service by preventing the user from using mutt.
Отчет
This flaw does not affect versions of mutt as shipped with Red Hat Enterprise Linux 7 and 8 as they already include the patch.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | mutt | Out of support scope | ||
| Red Hat Enterprise Linux 6 | mutt | Out of support scope | ||
| Red Hat Enterprise Linux 7 | mutt | Not affected | ||
| Red Hat Enterprise Linux 8 | mutt | Not affected |
Показывать по
Дополнительная информация
Статус:
5.5 Medium
CVSS3
Связанные уязвимости
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of ser ...
Mutt before 1.5.20 patch 7 allows an attacker to cause a denial of service via a series of requests to mutt temporary files.
5.5 Medium
CVSS3