18 matches found
AlmaLinux 8 : mutt (ALSA-2021:4181)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:4181 advisory. - Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid...
RHEL 8 : mutt (RHSA-2021:4181)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4181 advisory. Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and...
Moderate: Red Hat Security Advisory: mutt security, bug fix, and enhancement update
An update for mutt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
SUSE SLES11 Security Update : mutt (SUSE-SU-2020:14551-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2020:14551-1 advisory. - Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was...
SUSE: Security Advisory (SUSE-SU-2020:14551-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3632-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mutt (EulerOS-SA-2021-1690)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202101-32 : Mutt, NeoMutt: Information disclosure
The remote host is affected by the vulnerability described in GLSA-202101-32 Mutt, NeoMutt: Information disclosure A weakness in TLS handshake handling was found which may allow information disclosure. Impact : A remote attacker may be able to cause information disclosure. Workaround : There is n...
Huawei EulerOS: Security Advisory for mutt (EulerOS-SA-2021-1098)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : mutt (SUSE-SU-2020:3568-1)
This update for mutt fixes the following issues : CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections bsc1179035 Avoid that message with a million tiny parts can freeze MUA for several minutes bsc1179113 Note that Tenable Network Securi...
openSUSE Security Update : mutt (openSUSE-2020-2128)
This update for mutt fixes the following issues : - CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections bsc1179035 - Avoid that message with a million tiny parts can freeze MUA for several minutes bsc1179113 This update was imported fro...
Updated mutt packages fix a security vulnerability
Mutt before 2.0.2 did not ensure that $sslforcetls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted...
openSUSE Security Update : mutt (openSUSE-2020-2141)
This update for mutt fixes the following issues : - CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections bsc1179035 - Avoid that message with a million tiny parts can freeze MUA for several minutes bsc1179113 This update was imported fro...
Security update for mutt (important)
openSUSE Security Update: Security update for mutt Announcement ID: openSUSE-SU-2020:2141-1 Rating: important References: 1179035 1179113 Cross-References: CVE-2020-28896 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has one errata is now available. Description...
SUSE-SU-2020:14551-1 Security update for mutt
This update for mutt fixes the following issues: - CVE-2020-28896: incomplete connection termination could lead to sending credentials over unencrypted connections bsc1179035 - Avoid that message with a million tiny parts can freeze MUA for several minutes bsc1179113...
[slackware-security] mutt
New mutt packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mutt-1.10.1-i586-2slack14.2.txz: Rebuilt. Mutt had incorrect error handling when initially connecting to an IMAP server,...
CVE-2020-28896
creationtimestamp| type| source ---|---|--- 2020-11-23 22:46:06+00:00| seen| https://t.me/cibsecurity/16737...
CVE-2020-28896
CVE-2020-28896 affects Mutt and NeoMutt where, during IMAP initial responses, the client did not properly consult $ssl_force_tls and/or close the connection, allowing potential exposure of authentication credentials to an unencrypted channel or a Man‑in‑the‑Middle. The issue occurs in Mutt up to ...