|
|
Subscribe / Log in / New account

mutt: man-in-the-middle attack

Package(s):mutt CVE #(s):CVE-2011-1429
Created:June 13, 2011 Updated:April 2, 2012
Description: From the CVE entry:

Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.

Alerts:
Mandriva MDVSA-2012:048 mutt 2012-04-02
Ubuntu USN-1221-1 mutt 2011-09-29
Red Hat RHSA-2011:0959-01 mutt 2011-07-19
Scientific Linux SL-mutt-20110719 mutt 2011-07-19
Fedora FEDORA-2011-7756 mutt 2011-06-02
Fedora FEDORA-2011-7751 mutt 2011-06-02
Fedora FEDORA-2011-7739 mutt 2011-06-02
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds