SB2018071922 - Fedora 27 update for mutt 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018071922

SB2018071922 - Fedora 27 update for mutt

Published: July 19, 2018 Updated: April 24, 2025

Security Bulletin ID SB2018071922
Severity
High
Patch available
YES
Number of vulnerabilities 12
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 17% Low 83%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 12 secuirty vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2018-14358)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to stack-based buffer overflow in imap/message.c. A remote attacker can use FETCH response with a long RFC822.SIZE field, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


2) Stack-based buffer overflow (CVE-ID: CVE-2018-14352)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to imap_quote_string in imap/util.c does not leave room for quote characters. A remote attacker can use FETCH response with a long INTERNALDATE field, trigger stack-based buffer overflow and cause the service to crash.


3) Integer underflow (CVE-ID: CVE-2018-14353)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to integer underflow in imap_quote_string in imap/util.c. . A remote attacker can trigger memory corruption and cause the service to crash.


4) Privilege escalation (CVE-ID: CVE-2018-14356)

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to improper handling of a zero-length unique identifier (UID) by the pop.c code. A local attacker can manipulate the UID value assigned to an email message and cause the service to crash or execute arbitrary code with elevated privileges.


5) Buffer overflow (CVE-ID: CVE-2018-14359)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to buffer overflow when handling malicious input. A remote attacker can use base64 data, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of the vulnerability may result in system compromise.


6) Command injection (CVE-ID: CVE-2018-14354)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The vulnerability exists due to command injection. A remote attacker can use IMAP servers to inject and execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.


7) Path traversal (CVE-ID: CVE-2018-14355)

The vulnerability allows a remote attacker to obtain potentially sensitive information cause DoS condition on the target system.

The vulnerability exists due to imap/util.c mishandles ".." directory traversal in a mailbox name. A remote attacker can conduct directory traversal attack and gain access to arbitrary data or cause the service to crash.


8) Path traversal (CVE-ID: CVE-2018-14362)

The vulnerability allows a remote attacker to obtain potentially sensitive information cause DoS condition on the target system.

The vulnerability exists due to forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character. A remote attacker can conduct directory traversal attack and gain access to arbitrary data or cause the service to crash.


9) Command injection (CVE-ID: CVE-2018-14357)

The vulnerability allows a remote attacker to execute arbitrary commands on the target system.

The vulnerability exists due to command injection. A remote attacker can use IMAP servers to inject and execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.


10) Stack-based buffer overflow (CVE-ID: CVE-2018-14350)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to stack-based buffer overflow in imap/message.c. A remote attacker can use FETCH response with a long INTERNALDATE field, trigger memory corruption and cause the service to crash.


11) Improper input validation (CVE-ID: CVE-2018-14349)

The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The vulnerability exists due to mishandling of a NO response without a message in imap/command.c. A remote attacker can bypass security restrictions and conduct further attacks.


12) Improper input validation (CVE-ID: CVE-2018-14351)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to imap/command.c mishandles a long IMAP status mailbox literal count size. A remote attacker can supply specially crafted input and cause the service to crash.


Remediation

Install update from vendor's website.

References