Lucene search

[email protected]NVD:CVE-2011-1429

HistoryMar 16, 2011 - 10:55 p.m.

CVE-2011-1429

2011-03-1622:55:04

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.1

Confidence

Low

EPSS

0.003

Percentile

66.2%

JSON

Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.

Affected configurations

Nvd

Node

muttmutt

VendorProductVersionCPE
muttmutt*cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mutt	mutt	*	cpe:2.3:a:mutt:mutt::::::::

References

lists.fedoraproject.org/pipermail/package-announce/2011-June/061353.html

lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html

lists.fedoraproject.org/pipermail/package-announce/2011-June/061461.html

seclists.org/fulldisclosure/2011/Mar/87

secunia.com/advisories/44937

securityreason.com/securityalert/8143

www.redhat.com/support/errata/RHSA-2011-0959.html

www.securityfocus.com/bid/46803

exchange.xforce.ibmcloud.com/vulnerabilities/66015

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.1

Confidence

Low

EPSS

0.003

Percentile

66.2%

JSON

Related for NVD:CVE-2011-1429

openvas15 nessus11 cvelist2 ubuntucve2 cve2 prion2 debiancve2 securityvulns2 fedora3 nvd1 redhat1 oraclelinux1 freebsd1 cbl_mariner1 ubuntu1