Описание
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.5.21-5 |
| hardy | not-affected | |
| karmic | ignored | end of life |
| lucid | released | 1.5.20-7ubuntu1.1 |
| maverick | released | 1.5.20-9ubuntu2.1 |
| natty | released | 1.5.21-2ubuntu3.1 |
| upstream | released | 1.5.21-5 |
Показывать по
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.
Mutt does not verify that the smtps server hostname matches the domain ...
Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.
EPSS
5.8 Medium
CVSS2