Mutt Email Client Vulnerability in SSL Communication
CVE-2011-1429

Currently unrated

Key Information:

Vendor: Mutt
Status: Mutt
Vendor: CVE Published:; 16 March 2011

What is CVE-2011-1429?

The Mutt email client contains a flaw in its SSL SMTP communication that allows man-in-the-middle attackers to exploit improper verification of server hostnames against the domain name in the subject of an X.509 certificate. This weakness can enable a malicious third party to spoof an SSL SMTP server using arbitrary certificates, potentially compromising sensitive email communications. It's crucial for users of Mutt to ensure they are using updated versions that address this security concern.

References

http://www.redhat.com/support/errata/RHSA-2011-0959.html

vendor-advisoryx_refsource_REDHAT

http://secunia.com/advisories/44937

third-party-advisoryx_refsource_SECUNIA

http://securityreason.com/securityalert/8143

third-party-advisoryx_refsource_SREASON

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 16, 2011
Vulnerability Reserved
Mar 16, 2011

CVE-2011-1429 Data

JSON