Mutt Security Bypass Vulnerability Network Vulnerability

Summary

This host has installed Mutt and is prone to Security Bypass Vulnerability

Impact

Successful exploits allow attackers to spoof SSL certificates of trusted servers and redirect a user to a malicious web site. Impact Level: Application

Solution

Apply the patch https://bugzilla.redhat.com/show_bug.cgi?id=504979

Insight

When Mutt is linked with OpenSSL or GnuTLS it allows connections only one TLS certificate in the chain instead of verifying the entire chain.

Affected

Mutt version 1.5.19 on Linux.

References

http://www.openwall.com/lists/oss-security/2009/06/10/2
http://xforce.iss.net/xforce/xfdb/51068

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1390

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Mac OS X)
Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Mac OS X)
Apache Tomcat Multiple Vulnerabilities - 03 Mar14
Apple Safari Multiple Vulnerabilities
Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)

Take action and discover your vulnerabilities