English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.843642
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-3719-3)
Summary:The remote host is missing an update for the 'mutt' package(s) announced via the USN-3719-3 advisory.
Description:Summary:
The remote host is missing an update for the 'mutt' package(s) announced via the USN-3719-3 advisory.

Vulnerability Insight:
USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were
not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS.
This update corrects the oversight.

We apologize for the inconvenience.

Original advisory details:

It was discovered that Mutt incorrectly handled certain requests.
An attacker could possibly use this to execute arbitrary code.
(CVE-2018-14350, CVE-2018-14352, CVE-2018-14354, CVE-2018-14359,
CVE-2018-14358, CVE-2018-14353 ,CVE-2018-14357)

It was discovered that Mutt incorrectly handled certain inputs.
An attacker could possibly use this to access or expose sensitive
information. (CVE-2018-14355, CVE-2018-14356, CVE-2018-14351,
CVE-2018-14362, CVE-2018-14349)

Affected Software/OS:
'mutt' package(s) on Ubuntu 16.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2018-14349
Debian Security Information: DSA-4277 (Google Search)
https://www.debian.org/security/2018/dsa-4277
https://security.gentoo.org/glsa/201810-07
http://www.mutt.org/news.html
https://github.com/neomutt/neomutt/commit/36a29280448097f34ce9c94606195f2ac643fed1
https://gitlab.com/muttmua/mutt/commit/9347b5c01dc52682cb6be11539d9b7ebceae4416
https://neomutt.org/2018/07/16/release
https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html
https://usn.ubuntu.com/3719-3/
Common Vulnerability Exposure (CVE) ID: CVE-2018-14350
BugTraq ID: 104931
http://www.securityfocus.com/bid/104931
https://github.com/neomutt/neomutt/commit/1b0f0d0988e6df4e32e9f4bf8780846ea95d4485
https://gitlab.com/muttmua/mutt/commit/3287534daa3beac68e2e83ca4b4fe8a3148ff870
https://usn.ubuntu.com/3719-1/
https://usn.ubuntu.com/3719-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-14351
https://github.com/neomutt/neomutt/commit/3c49c44be9b459d9c616bcaef6eb5d51298c1741
https://gitlab.com/muttmua/mutt/commit/e57a8602b45f58edf7b3ffb61bb17525d75dfcb1
Common Vulnerability Exposure (CVE) ID: CVE-2018-14352
https://github.com/neomutt/neomutt/commit/e27b65b3bf8defa34db58919496056caf3850cd4
https://gitlab.com/muttmua/mutt/commit/e0131852c6059107939893016c8ff56b6e42865d
Common Vulnerability Exposure (CVE) ID: CVE-2018-14353
https://github.com/neomutt/neomutt/commit/65d64a5b60a4a3883f2cd799d92c6091d8854f23
Common Vulnerability Exposure (CVE) ID: CVE-2018-14354
BugTraq ID: 104925
http://www.securityfocus.com/bid/104925
https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb
https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d
RedHat Security Advisories: RHSA-2018:2526
https://access.redhat.com/errata/RHSA-2018:2526
Common Vulnerability Exposure (CVE) ID: CVE-2018-14355
https://github.com/neomutt/neomutt/commit/57971dba06346b2d7179294f4528b8d4427a7c5d
https://gitlab.com/muttmua/mutt/commit/31eef6c766f47df8281942d19f76e35f475c781d
Common Vulnerability Exposure (CVE) ID: CVE-2018-14356
https://github.com/neomutt/neomutt/commit/93b8ac558752d09e1c56d4f1bc82631316fa9c82
https://gitlab.com/muttmua/mutt/commit/e154cba1b3fc52bb8cb8aa846353c0db79b5d9c6
Common Vulnerability Exposure (CVE) ID: CVE-2018-14357
https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725
Common Vulnerability Exposure (CVE) ID: CVE-2018-14358
Common Vulnerability Exposure (CVE) ID: CVE-2018-14359
https://github.com/neomutt/neomutt/commit/6f163e07ae68654d7ac5268cbb7565f6df79ad85
https://gitlab.com/muttmua/mutt/commit/3d9028fec8f4d08db2251096307c0bbbebce669a
Common Vulnerability Exposure (CVE) ID: CVE-2018-14362
https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e
https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
CopyrightCopyright (C) 2018 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.