CentOS Local Security Checks : CentOS Update for mutt CESA-2014:0304 centos6

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.881906

Kategorie: CentOS Local Security Checks

Titel: CentOS Update for mutt CESA-2014:0304 centos6

Zusammenfassung: The remote host is missing an update for the 'mutt'; package(s) announced via the referenced advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'mutt'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Mutt is a text-mode mail user agent.

A heap-based buffer overflow flaw was found in the way mutt processed
certain email headers. A remote attacker could use this flaw to send an
email with specially crafted headers that, when processed, could cause mutt
to crash or, potentially, execute arbitrary code with the permissions of
the user running mutt. (CVE-2014-0467)

All mutt users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue. All running instances of
mutt must be restarted for this update to take effect.

Affected Software/OS:
mutt on CentOS 6

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-0467
BugTraq ID: 66165
http://www.securityfocus.com/bid/66165
Debian Security Information: DSA-2874 (Google Search)
http://www.debian.org/security/2014/dsa-2874
RedHat Security Advisories: RHSA-2014:0304
http://rhn.redhat.com/errata/RHSA-2014-0304.html
http://www.securitytracker.com/id/1029919
SuSE Security Announcement: SUSE-SU-2014:0471 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00001.html
SuSE Security Announcement: openSUSE-SU-2014:0434 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-03/msg00083.html
SuSE Security Announcement: openSUSE-SU-2014:0436 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-03/msg00085.html
http://www.ubuntu.com/usn/USN-2147-1

Copyright Copyright (C) 2014 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.881906
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for mutt CESA-2014:0304 centos6
Zusammenfassung:	The remote host is missing an update for the 'mutt'; package(s) announced via the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'mutt' package(s) announced via the referenced advisory. Vulnerability Insight: Mutt is a text-mode mail user agent. A heap-based buffer overflow flaw was found in the way mutt processed certain email headers. A remote attacker could use this flaw to send an email with specially crafted headers that, when processed, could cause mutt to crash or, potentially, execute arbitrary code with the permissions of the user running mutt. (CVE-2014-0467) All mutt users are advised to upgrade to this updated package, which contains a backported patch to correct this issue. All running instances of mutt must be restarted for this update to take effect. Affected Software/OS: mutt on CentOS 6 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-0467 BugTraq ID: 66165 http://www.securityfocus.com/bid/66165 Debian Security Information: DSA-2874 (Google Search) http://www.debian.org/security/2014/dsa-2874 RedHat Security Advisories: RHSA-2014:0304 http://rhn.redhat.com/errata/RHSA-2014-0304.html http://www.securitytracker.com/id/1029919 SuSE Security Announcement: SUSE-SU-2014:0471 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00001.html SuSE Security Announcement: openSUSE-SU-2014:0434 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00083.html SuSE Security Announcement: openSUSE-SU-2014:0436 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-03/msg00085.html http://www.ubuntu.com/usn/USN-2147-1
Copyright	Copyright (C) 2014 Greenbone AG