Huawei EulerOS: Security Advisory for mutt (EulerOS-SA-2020-2109)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : mutt (EulerOS-SA-2020-2109)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.CVE-2020-14093 - Mutt before 1.14.4 and NeoMutt befo...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. The vulnerability exists through a stack-based buffer overflow in imap/message.c through a FETCH response with a long INTERNALDATE field...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. The vulnerability exists through a buffer overflow via base64 data...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. The vulnerability exists through an integer underflow in imapquotestring of imap/util.c...

TLS Response Injection

Mutt is vulnerable to TLS response injection. A STARTTLS buffering issue that affects IMAP, SMTP, and POP3 when a server sends a begin TLS response causes the client to read additional data e.g. from a man-in-the-middle attacker and evaluates it in a TLS context, aka response injection...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. The vulnerability exists through the mishandling of a long IMAP status mailbox literal count size...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. A stack-based buffer overflow in the function imapquotestring in imap/util.c allow an attacker to execute arbitrary code on the host OS via quote characters...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. The vulnerability exists through a stack-based buffer. overflow during a FETCH response with a long RFC822 SIZE field...

Denial Of Service (DoS)

mutt:trusty is vulnerable to denial of service DoS. pop.c mishandles a zero-length UID...

Arbitrary Code Execution

mutt is vulnerable to arbitrary code execution. The vulnerability exists in imap/command.c mishandles a NO response without a message...

Updated mutt packages fix security vulnerabilities

A potential IMAP Man-in-the-Middle attack via a PREAUTH response CVE-2020-14093. Mutt was ignoring an expired certificate and was proceeding with a connection CVE-2020-14154. A response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 CVE-2020-14954...

MGASA-2020-0357 Updated mutt packages fix security vulnerabilities

A potential IMAP Man-in-the-Middle attack via a PREAUTH response CVE-2020-14093. Mutt was ignoring an expired certificate and was proceeding with a connection CVE-2020-14154. A response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 CVE-2020-14954...

Mutt < 1.14.4 MITM Vulnerability

Mutt is prone to a man-in-the-middle MITM response injection vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Information Disclosure

mutt is vulnerable to information disclosure. The vulnerability exists as Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response...

GLSA-202007-57 : Mutt, Neomutt: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202007-57 Mutt, Neomutt: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Mutt and Neomutt. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE...

Mutt, Neomutt: Multiple vulnerabilities

Background Mutt is a small but very powerful text-based mail client. NeoMutt is a command line mail reader or MUA. It’s a fork of Mutt with added features. Description Multiple vulnerabilities have been discovered in Mutt and Neomutt. Please review the CVE identifiers referenced below for details...

openSUSE Security Update : mutt (openSUSE-2020-903)

This update for mutt fixes the following issues : - CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 bsc1173197. - CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response bsc1172906, bsc1172935. -...

SUSE SLED15 / SLES15 Security Update : mutt (SUSE-SU-2020:1771-1)

This update for mutt fixes the following issues : CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 bsc1173197. CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response bsc1172906, bsc1172935...

The vulnerability of the Mutt mail client, related to improper verification of certificate authenticity, allows a perpetrator to carry out a “man-in-the-middle” attack.

The vulnerability of the Mutt mail client is related to improper verification of the certificate’s authenticity. Exploiting this vulnerability allows a remote attacker to execute a “man-in-the-middle” attack...