English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 102521 CVE descriptions
and 54701 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-0001
None
--------------------------------------------------------------------------------

Name        : mutt
Product     : Fedora 7
Version     : 1.5.14
Release     : 4.fc7
Summary     : A text mode mail user agent
Description :
Mutt is a text-mode mail user agent. Mutt supports color, threading,
arbitrary key remapping, and a lot of customization.

You should install mutt if you have used it in the past and you prefer
it, or if you are new to mail programs and have not decided which one
you are going to use.

--------------------------------------------------------------------------------
Update Information:

This update fixes two security issues:

The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. (CVE-2007-1558)

Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion. (CVE-2007-2683)
--------------------------------------------------------------------------------
ChangeLog:

* Thu May 31 2007 Miroslav Lichvar <mlichvar@redhat.com> 5:1.5.14-4
- validate msgid in APOP authentication (CVE-2007-1558)
- fix overflow in gecos field handling (CVE-2007-2683)
--------------------------------------------------------------------------------
References:

  CVE-2007-2683 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2683
  CVE-2007-1558 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558
--------------------------------------------------------------------------------
Updated packages:

0d77cc0f649490abd9f9f5647e4e2913e00159d8 mutt-1.5.14-4.fc7.ppc64.rpm
d785c471a51d451659879c46f658c0092464408b mutt-debuginfo-1.5.14-4.fc7.ppc64.rpm
89497641c382a999a84f9104dd313bf07b7e716b mutt-debuginfo-1.5.14-4.fc7.i386.rpm
001d473a42444ca1fa6199fdbff01d830553a2f5 mutt-1.5.14-4.fc7.i386.rpm
114cf3b1e8b53f083d8aa1b35f3aa2721fbdeb17 mutt-1.5.14-4.fc7.x86_64.rpm
cbf04dc13dbb231be3a364531067b1a5a826e69d mutt-debuginfo-1.5.14-4.fc7.x86_64.rpm
2726b125f4f05053507b4efee16a689b37e6dea6 mutt-1.5.14-4.fc7.ppc.rpm
616e62c1e6b402709285d54dbefc03da034fbe67 mutt-debuginfo-1.5.14-4.fc7.ppc.rpm
240746a7009d04df72e45d3b29999fc11f0a320f mutt-1.5.14-4.fc7.src.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2017 E-Soft Inc. All rights reserved.