Debian Security Advisory DSA 096-1 (mutt) Network Vulnerability

Summary

The remote host is missing an update to mutt announced via advisory DSA 096-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20096-1

Insight

Joost Pol found a buffer overflow in the address handling code of mutt (a popular mail user agent). Even though this is a one byte overflow this is exploitable. This has been fixed upstream in version 1.2.5.1 and 1.3.25. The relevant patch has been added to version 1.2.5-5 of the Debian package.

Severity

Classification

CVE CVE-2002-0001
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 047-1 (various kernel packages)
Debian Security Advisory DSA 033-1 (analog)
Debian Security Advisory DSA 1033-1 (horde3)
Debian Security Advisory DSA 102-1 (at)
Debian Security Advisory DSA 106-1 (rsync)

Take action and discover your vulnerabilities