Balsa: Buffer overflow — GLSA 200710-17

Balsa is vulnerable to a buffer overflow allowing for the user-assisted execution of arbitrary code.

Affected Packages

mail-client/balsa on all architectures
Affected versions < 2.3.20
Unaffected versions >= 2.3.20

Background

Balsa is a highly configurable email client for GNOME.

Description

Evil Ninja Squirrel discovered a stack-based buffer overflow in the ir_fetch_seq() function when receiving a long response to a FETCH command (CVE-2007-5007).

Impact

A remote attacker could entice a user to connect to a malicious or compromised IMAP server, possibly leading to the execution of arbitrary code with the rights of the user running Balsa.

Workaround

There is no known workaround at this time.

Resolution

All Balsa users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=mail-client/balsa-2.3.20"

References

Release Date
October 16, 2007

Latest Revision
October 16, 2007: 01

Severity
normal

Exploitable
remote

Bugzilla entries