Mandrake Linux Security Advisory : mutt (MDKSA-2002:002-1)

high Nessus Plugin ID 13910

Synopsis

The remote Mandrake Linux host is missing a security update.

Description

Joost Pol reported a remotely exploitable buffer overflow in the mutt email client. It is recommended that all mutt users upgrade their packages immediately.

Update :

The previous packages released for 8.x were unable to recall postponed messages due to an incorrect patch. These new packages also provide the compressed folders patch that was unavailable when MDKSA-2002:002 was announced.

Solution

Update the affected mutt package.

Plugin Details

Severity: High

ID: 13910

File Name: mandrake_MDKSA-2002-002.nasl

Version: 1.20

Type: local

Published: 7/31/2004

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:mutt, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0, cpe:/o:mandrakesoft:mandrake_linux:8.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 1/17/2002

Reference Information

CVE: CVE-2002-0001

BID: 3774

MDKSA: 2002:002-1