FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-20 14:15:46 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
49314321-7fd4-11e1-9582-001b2134ef46mutt-devel -- failure to check SMTP TLS server certificate

Dave B reports on Full Disclosure:

It seems that mutt fails to check the validity of a SMTP servers certificate during a TLS connection. [...] This means that an attacker could potentially MITM a mutt user connecting to their SMTP server even when the user has forced a TLS connection.


Discovery 2012-03-08
Entry 2012-04-06
mutt-devel
< 1.5.21_4

CVE-2011-1429
http://seclists.org/fulldisclosure/2011/Mar/87
d2a43243-087b-11db-bc36-0008743bf21amutt -- Remote Buffer Overflow Vulnerability

SecurityFocus reports:

Mutt is prone to a remote buffer-overflow vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

This issue may allow remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely crash the application, denying further service to legitimate users.


Discovery 2006-06-26
Entry 2006-06-30
mutt
mutt-lite
<= 1.4.2.1_2

mutt-devel
mutt-devel-lite
<= 1.5.11_2

ja-mutt
<= 1.4.2.1.j1

zh-mutt-devel
<= 1.5.11_20040617

ja-mutt-devel
<= 1.5.6.j1_2

mutt-ng
<= 20060501

18642
http://dev.mutt.org/cgi-bin/gitweb.cgi?p=mutt/.git;a=commit;h=dc0272b749f0e2b102973b7ac43dbd3908507540