Test ID:	1.3.6.1.4.1.25623.1.0.882938
Category:	CentOS Local Security Checks
Title:	CentOS Update for mutt CESA-2018:2526 centos7
Summary:	Check the version of mutt
Description:	Summary: Check the version of mutt Vulnerability Insight: Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fix(es): * mutt: Remote code injection vulnerability to an IMAP mailbox (CVE-2018-14354) * mutt: Remote Code Execution via backquote characters (CVE-2018-14357) * mutt: POP body caching path traversal vulnerability (CVE-2018-14362) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: mutt on CentOS 7 Solution: Please install the updated packages. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-14354 BugTraq ID: 104925 http://www.securityfocus.com/bid/104925 Debian Security Information: DSA-4277 (Google Search) https://www.debian.org/security/2018/dsa-4277 https://security.gentoo.org/glsa/201810-07 http://www.mutt.org/news.html https://github.com/neomutt/neomutt/commit/95e80bf9ff10f68cb6443f760b85df4117cb15eb https://gitlab.com/muttmua/mutt/commit/185152818541f5cdc059cbff3f3e8b654fc27c1d https://neomutt.org/2018/07/16/release https://lists.debian.org/debian-lts-announce/2018/08/msg00001.html RedHat Security Advisories: RHSA-2018:2526 https://access.redhat.com/errata/RHSA-2018:2526 https://usn.ubuntu.com/3719-1/ https://usn.ubuntu.com/3719-2/ https://usn.ubuntu.com/3719-3/ Common Vulnerability Exposure (CVE) ID: CVE-2018-14357 https://github.com/neomutt/neomutt/commit/e52393740334443ae0206cab2d7caef381646725 Common Vulnerability Exposure (CVE) ID: CVE-2018-14362 https://github.com/neomutt/neomutt/commit/9bfab35522301794483f8f9ed60820bdec9be59e https://gitlab.com/muttmua/mutt/commit/6aed28b40a0410ec47d40c8c7296d8d10bae7576
Copyright	Copyright (C) 2018 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.