Mandrake Linux Security Advisory : mutt (MDKSA-2002:002-1)

High Nessus Plugin ID 13910


The remote Mandrake Linux host is missing a security update.


Joost Pol reported a remotely exploitable buffer overflow in the mutt email client. It is recommended that all mutt users upgrade their packages immediately.

Update :

The previous packages released for 8.x were unable to recall postponed messages due to an incorrect patch. These new packages also provide the compressed folders patch that was unavailable when MDKSA-2002:002 was announced.


Update the affected mutt package.

Plugin Details

Severity: High

ID: 13910

File Name: mandrake_MDKSA-2002-002.nasl

Version: $Revision: 1.16 $

Type: local

Published: 2004/07/31

Modified: 2016/02/16

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:mutt, cpe:/o:mandrakesoft:mandrake_linux:7.1, cpe:/o:mandrakesoft:mandrake_linux:7.2, cpe:/o:mandrakesoft:mandrake_linux:8.0, cpe:/o:mandrakesoft:mandrake_linux:8.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2002/01/17

Reference Information

CVE: CVE-2002-0001

BID: 3774

OSVDB: 13399

MDKSA: 2002:002-1