Debian Local Security Checks : Debian LTS: Security Advisory for mutt (DLA-2529-1)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.892529

Categoría: Debian Local Security Checks

Título: Debian LTS: Security Advisory for mutt (DLA-2529-1)

Resumen: The remote host is missing an update for the 'mutt'; package(s) announced via the DLA-2529-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'mutt'
package(s) announced via the DLA-2529-1 advisory.

Vulnerability Insight:
rfc822.c in Mutt through 2.0.4 allows remote attackers to
cause a denial of service (mailbox unavailability) by sending
email messages with sequences of semicolon characters in
RFC822 address fields (aka terminators of empty groups).

A small email message from the attacker can cause large
memory consumption, and the victim may then be unable to
see email messages from other persons.

Affected Software/OS:
'mutt' package(s) on Debian Linux.

Solution:
For Debian 9 stretch, this problem has been fixed in version
1.7.2-1+deb9u5.

We recommend that you upgrade your mutt packages.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-3181
Debian Security Information: DSA-4838 (Google Search)
https://www.debian.org/security/2021/dsa-4838
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DXGWXFO77HBCD3VYEIYHHYU33LYWWWNQ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2OMLQKAOHPYQA4GI7ZUO6UKCPUHLYO7/
https://security.gentoo.org/glsa/202101-25
https://gitlab.com/muttmua/mutt/-/commit/4a2becbdb4422aaffe3ce314991b9d670b7adf17
https://gitlab.com/muttmua/mutt/-/commit/939b02b33ae29bc0d642570c1dcfd4b339037d19
https://gitlab.com/muttmua/mutt/-/commit/d4305208955c5cdd9fe96dfa61e7c1e14e176a14
https://gitlab.com/muttmua/mutt/-/issues/323
https://lists.debian.org/debian-lts-announce/2021/01/msg00017.html
http://www.openwall.com/lists/oss-security/2021/01/19/10
http://www.openwall.com/lists/oss-security/2021/01/27/3

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.892529
Categoría:	Debian Local Security Checks
Título:	Debian LTS: Security Advisory for mutt (DLA-2529-1)
Resumen:	The remote host is missing an update for the 'mutt'; package(s) announced via the DLA-2529-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'mutt' package(s) announced via the DLA-2529-1 advisory. Vulnerability Insight: rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service (mailbox unavailability) by sending email messages with sequences of semicolon characters in RFC822 address fields (aka terminators of empty groups). A small email message from the attacker can cause large memory consumption, and the victim may then be unable to see email messages from other persons. Affected Software/OS: 'mutt' package(s) on Debian Linux. Solution: For Debian 9 stretch, this problem has been fixed in version 1.7.2-1+deb9u5. We recommend that you upgrade your mutt packages. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3181 Debian Security Information: DSA-4838 (Google Search) https://www.debian.org/security/2021/dsa-4838 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DXGWXFO77HBCD3VYEIYHHYU33LYWWWNQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P2OMLQKAOHPYQA4GI7ZUO6UKCPUHLYO7/ https://security.gentoo.org/glsa/202101-25 https://gitlab.com/muttmua/mutt/-/commit/4a2becbdb4422aaffe3ce314991b9d670b7adf17 https://gitlab.com/muttmua/mutt/-/commit/939b02b33ae29bc0d642570c1dcfd4b339037d19 https://gitlab.com/muttmua/mutt/-/commit/d4305208955c5cdd9fe96dfa61e7c1e14e176a14 https://gitlab.com/muttmua/mutt/-/issues/323 https://lists.debian.org/debian-lts-announce/2021/01/msg00017.html http://www.openwall.com/lists/oss-security/2021/01/19/10 http://www.openwall.com/lists/oss-security/2021/01/27/3
Copyright	Copyright (C) 2021 Greenbone Networks GmbH