| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.70946 |
| Category: | Ubuntu Local Security Checks |
| Title: | Ubuntu USN-1221-1 (mutt) |
| Summary: | Ubuntu USN-1221-1 (mutt) |
| Description: | The remote host is missing an update to mutt announced via advisory USN-1221-1. Details: It was discovered that mutt incorrectly verified the hostname in an SSL certificate. An attacker could trick mutt into trusting a rogue SMTPS, IMAPS, or POP3S server's certificate, which was signed by a trusted certificate authority, to perform a man-in-the-middle attack. Solution: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: mutt 1.5.21-2ubuntu3.1 mutt-patched 1.5.21-2ubuntu3.1 Ubuntu 10.10: mutt 1.5.20-9ubuntu2.1 mutt-patched 1.5.20-9ubuntu2.1 Ubuntu 10.04 LTS: mutt 1.5.20-7ubuntu1.1 mutt-patched 1.5.20-7ubuntu1.1 http://www.securityspace.com/smysecure/catid.html?in=USN-1221-1 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1429 http://seclists.org/fulldisclosure/2011/Mar/87 http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html http://www.redhat.com/support/errata/RHSA-2011-0959.html BugTraq ID: 46803 http://www.securityfocus.com/bid/46803 http://secunia.com/advisories/44937 http://securityreason.com/securityalert/8143 XForce ISS Database: mutt-smtptls-weak-security(66015) http://xforce.iss.net/xforce/xfdb/66015 |
| Copyright | Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.