Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1429


Vulnerability Score 5.8 5.8
CVE Id CVE-2011-1429
Last Modified 21 Sep 2011 11:30:13
Published 16 Mar 2011 06:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766.

Vulnerable Systems


  • Mutt


FULLDISC - 20110308 Mutt: failure to check server certificate in SMTP TLS connection

XF - mutt-smtptls-weak-security(66015)

BID - 46803

REDHAT - RHSA-2011:0959

SREASON - 8143

SECUNIA - 44937

FEDORA - FEDORA-2011-7756

FEDORA - FEDORA-2011-7751

FEDORA - FEDORA-2011-7739

Last Updated: 27 May 2016 10:56:19