Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:555316
HistoryMar 07, 2011 - 12:00 a.m.

STARTTLS plaintext command injection vulnerability

2011-03-0700:00:00
www.kb.cert.org
218

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.897 High

EPSS

Percentile

98.7%

JSON

Overview

Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol.

Description

STARTTLS is an extension to plaintext communication protocols that offers a way to upgrade a plaintext connection to an encrypted (TLS or SSL) connection instead of using a separate port for encrypted communication. Some implementations of STARTTLS contain a vulnerability that could allow a remote unauthenticated attacker to inject commands during the plaintext protocol phase, that will be executed during the ciphertext protocol phase. This vulnerability is caused by the switch from plaintext to TLS being implemented below the application’s I/O buffering layer.

This issue is only of practical concern for affected implementations that also perform correct certificate validation. Implementations which do not perform certificate validation are already inherently vulnerable to man-in-the-middle attacks.

Note: Not all implementations of STARTTLS are affected by this vulnerability. Some implementations of Simple Authentication and Security Layer (SASL) could also be affected by this vulnerability. Please see the Vendor Information below for specific vendor information.

Impact

A remote attacker with the ability to pose as a man-in-the-middle may be able to inject commands for the corresponding protocol (e.g., SMTP, POP3, etc.) during the plaintext protocol phase, that will then be executed during the ciphertext protocol phase.

Solution

Update

Please see the Vendor Information below for specific vendor information and patches.

Purge the application I/O buffer

Developers of STARTTLS-enabled applications should take care to purge the application’s I/O buffer immediately after switching to TLS in order to mitigate this vulnerability.

Vendor Information

555316

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

Cyrus-IMAP Affected

Updated: May 17, 2011

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Debian GNU/Linux Affected

Updated: May 11, 2011

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Ipswitch, Inc __ Affected

Notified: January 21, 2011 Updated: March 01, 2011

Status

Affected

Vendor Statement

We will work on addressing this vulnerability in an upcoming release of IMail.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Kerio Technologies __ Affected

Notified: January 19, 2011 Updated: March 01, 2011

Status

Affected

Vendor Statement

We are going to resolve the issue in the next product version.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Postfix __ Affected

Updated: March 03, 2011

Status

Affected

Vendor Statement

Postfix legacy releases 2.7.3, 2.6.9, 2.5.12 and 2.4.16 are available.
These releases contain a fix for CVE-2011-0411 which allows plaintext
command injection with SMTP sessions over TLS. This defect was
introduced with Postfix version 2.2.

Postfix 2.8 and 2.9 are not affected.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Qmail-TLS __ Affected

Notified: January 19, 2011 Updated: March 07, 2011

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

Q-Mail has released a patch to address this vulnerability.

Vendor References

Addendum

Note that Qmail-TLS is a third-party extension for the qmail software.

Because STARTTLS is not supported by default in either the original qmail distribution or the netqmail distribution, those distributions are not vulnerable to this issue.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23555316 Feedback>).

Red Hat, Inc. __ Affected

Notified: January 19, 2011 Updated: April 07, 2011

Status

Affected

Vendor Statement

Vulnerable. This issue affects postfix packages in Red Hat Enterprise

Linux 4, 5, and 6. The Red Hat Security Response Team has rated this
issue as having moderate security impact, a future update will address
this flaw.

This issue did not affect the versions of the sendmail package as shipped
with Red Hat Enterprise Linux 3, 4, 5, or 6, as Sendmail by switching to
SMTP over TLS replaces the entire received SMTP commands stream, along
with its read/write buffers and read/write functions.

This issue did not affect the versions of the exim package as shipped
with Red Hat Enterprise Linux 4 and 5, as Exim by switching to SMTP over
TLS replaces plaintext read/write functions with TLS read/write functions.

Vendor Information

Red Hat has released updated postfix packages, for:
Red Hat Enterprise Linux 4 and 5:

* &lt;https://rhn.redhat.com/errata/RHSA-2011-0422.html&gt;
* &lt;https://bugzilla.redhat.com/show_bug.cgi?id=674814#c26&gt;

Red Hat Enterprise Linux 6:
* <https://rhn.redhat.com/errata/RHSA-2011-0423.html&gt;
* <https://bugzilla.redhat.com/show_bug.cgi?id=674814#c27&gt;

Vendor References

<http://www.redhat.com/security/data/cve/CVE-2011-0411.html&gt;
<https://rhn.redhat.com/errata/RHSA-2011-0422.html&gt;
<https://bugzilla.redhat.com/show_bug.cgi?id=674814#c26&gt;
<https://rhn.redhat.com/errata/RHSA-2011-0423.html&gt;
<https://bugzilla.redhat.com/show_bug.cgi?id=674814#c27&gt;

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23555316 Feedback>).

Vendor References

Sun Microsystems, Inc. __ Affected

Notified: January 19, 2011 Updated: March 01, 2011

Status

Affected

Vendor Statement

The issue is being fixed in affected products and would be announced in a quarterly Oracle Critical Patch update.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ubuntu Affected

Updated: May 11, 2011

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Watchguard Technologies, Inc. __ Affected

Notified: January 19, 2011 Updated: April 14, 2011

Status

Affected

Vendor Statement

TLS Command Injection Vulnerability: A TLS Hotfix is available for XCS version 9.0 and 9.1 to resolve a potential command injection vulnerability in the TLS over SMTP implementation. The vulnerability makes it possible to allow a man-in-the-middle to inject commands during the plaintext protocol phase, that would be executed during the ciphertext protocol phase. A full description of the vulnerability is described in CERT Vulnerability Note VU#555316. This fix

is included in the XCS 9.0 Update 1 as well as the XCS 9.1 TLS Hotfix updates

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

Blue Coat Systems Not Affected

Notified: January 19, 2011 Updated: March 28, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

EXIM Not Affected

Notified: March 07, 2011 Updated: March 14, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Force10 Networks, Inc. Not Affected

Notified: January 19, 2011 Updated: July 22, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fortinet, Inc. Not Affected

Notified: January 19, 2011 Updated: March 16, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Global Technology Associates, Inc. __ Not Affected

Notified: January 19, 2011 Updated: March 14, 2011

Status

Not Affected

Vendor Statement

GTA’s GB-OS based firewalls are not affected by this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Microsoft Corporation Not Affected

Notified: March 07, 2011 Updated: March 14, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NetApp __ Not Affected

Notified: January 19, 2011 Updated: March 15, 2011

Status

Not Affected

Vendor Statement

No NetApp Data ONTAP® products are vulnerable to this issue.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Novell, Inc. __ Not Affected

Notified: January 19, 2011 Updated: March 03, 2011

Status

Not Affected

Vendor Statement

Our GroupWise Engineering team does not feel that we are vulnerable to this issue

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Palo Alto Networks __ Not Affected

Notified: January 19, 2011 Updated: March 01, 2011

Status

Not Affected

Vendor Statement

We are not vulnerable to it.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

The SCO Group __ Not Affected

Notified: January 19, 2011 Updated: September 08, 2011

Status

Not Affected

Vendor Statement

The SCOoffice 4.2 product we ship does not currently support TLS and the product is not vulnerable for this reason.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Wind River Systems, Inc. Not Affected

Notified: January 19, 2011 Updated: March 14, 2011

Status

Not Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

3com Inc Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ACCESS Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

AT&T Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Alcatel-Lucent Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

America Online Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Apache HTTP Server Project Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Avaya, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Barracuda Networks Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Belkin, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Borderware Technologies Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Check Point Software Technologies Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cisco Systems, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Clavister Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Computer Associates Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Courier-mta Unknown

Notified: January 27, 2011 Updated: January 27, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Cray Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

EMC Corporation Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Engarde Secure Linux Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Enterasys Networks Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Ericsson Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Extreme Networks Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

F5 Networks, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Foundry Networks, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Fujitsu Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Google Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hewlett-Packard Company Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Hitachi Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM Corporation Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM Corporation (zseries) Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IBM eServer Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

IP Infusion, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Infoblox Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Intel Corporation Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Internet Security Systems, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Intoto Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Juniper Networks, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

M86 Security Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

McAfee Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

MontaVista Software, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

NEC Corporation Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nokia Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Nortel Networks, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Oracle Corporation Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Process Software Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Q1 Labs Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

QNX Software Systems Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

RadWare, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Redback Networks, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SUSE Linux Unknown

Notified: March 14, 2011 Updated: March 14, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

SafeNet Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Secureworx, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sendmail Consortium Unknown

Notified: March 07, 2011 Updated: March 07, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Silicon Graphics, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Sony Corporation Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Stonesoft Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Symantec Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

U4EA Technologies, Inc. Unknown

Notified: March 07, 2011 Updated: March 07, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Unisys Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vyatta Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

ZyXEL Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

eSoft, Inc. Unknown

Notified: January 19, 2011 Updated: January 19, 2011

Status

Unknown

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

View all 82 vendors __View less vendors __

CVSS Metrics

Group Score Vector
Base
Temporal
Environmental

References

Acknowledgements

Thanks to Wietse Venema for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2011-0411, CVE-2011-1430, CVE-2011-1431, CVE-2011-1432, CVE-2011-1575
Severity Metric: 1.39 Date Public:

Related

openvas 51
nessus 51
prion 10
cve 10
ubuntucve 6
debiancve 5
freebsd 3
securityvulns 8
veracode 1
oraclelinux 2
redhat 2
fedora 5
hackerone 1
gentoo 2
debian 2
osv 3
checkpoint_advisories 1
centos 1
ubuntu 1
kitploit 1
oracle 1
openvas
openvas
Multiple Vendors STARTTLS Implementation Plaintext Arbitrary Command Injection Vulnerability
2014-04-08 00:00:00
FreeBSD Ports: pure-ftpd
2011-08-03 00:00:00
FreeBSD Ports: pure-ftpd
2011-08-03 00:00:00
nessus
nessus
SMTP Service STARTTLS Plaintext Command Injection
2011-03-10 00:00:00
openSUSE Security Update : pure-ftpd (openSUSE-SU-2011:0483-1)
2014-06-13 00:00:00
openSUSE Security Update : pure-ftpd (openSUSE-SU-2011:0483-1)
2014-06-13 00:00:00
prion
prion
Command injection
2011-03-16 22:55:00
Command injection
2011-05-23 22:55:00
Command injection
2011-03-16 22:55:00
cve
cve
CVE-2011-1430
2011-03-16 22:55:00
CVE-2011-1575
2011-05-23 22:55:00
CVE-2011-1431
2011-03-16 22:55:00
ubuntucve
ubuntucve
CVE-2011-1431
2011-03-16 00:00:00
CVE-2011-1575
2011-05-23 00:00:00
CVE-2011-0411
2011-03-16 00:00:00
debiancve
debiancve
CVE-2011-1575
2011-05-23 22:55:00
CVE-2011-1431
2011-03-16 22:55:00
CVE-2011-0411
2011-03-16 22:55:00
freebsd
freebsd
pureftpd -- multiple vulnerabilities
2011-04-01 00:00:00
postfix -- plaintext command injection with SMTP over TLS
2011-03-07 00:00:00
inn -- plaintext command injection into encrypted channel
2012-08-14 00:00:00
securityvulns
securityvulns
STARTTLS vulnerability in different mail applications
2012-10-04 00:00:00
Plaintext injection in STARTTLS &#40;multiple implementations&#41;
2011-03-10 00:00:00
[SECURITY] [DSA 2346-1] proftpd-dfsg security update
2011-11-21 00:00:00
veracode
veracode
Command Injection
2020-04-10 00:54:06
oraclelinux
oraclelinux
postfix security update
2011-04-06 00:00:00
postfix security update
2011-04-06 00:00:00
redhat
redhat
(RHSA-2011:0423) Moderate: postfix security update
2011-04-06 00:00:00
(RHSA-2011:0422) Moderate: postfix security update
2011-04-06 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: pure-ftpd-1.0.30-1.fc14
2011-03-31 16:59:13
[SECURITY] Fedora 14 Update: postfix-2.7.3-1.fc14
2011-03-23 22:59:08
[SECURITY] Fedora 13 Update: postfix-2.7.3-1.fc13
2011-03-23 22:59:26
hackerone
hackerone
PortSwigger Web Security: SMTP interaction theft via MITM
2020-08-07 11:29:14
gentoo
gentoo
Pure-FTPd: Multiple vulnerabilities
2011-10-26 00:00:00
Postfix: Multiple vulnerabilities
2012-06-25 00:00:00
debian
debian
[SECURITY] [DSA 2346-1] proftpd-dfsg security update
2011-11-15 20:39:09
[SECURITY] [DSA 2233-1] postfix security update
2011-05-10 17:57:47
osv
osv
proftpd-dfsg - several
2011-11-16 00:00:00
proftpd-dfsg - several
2011-11-16 00:00:00
postfix - several
2011-05-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Products STARTTLS Plaintext Command Injection (CVE-2011-0411; CVE-2014-3556)
2011-05-03 00:00:00
centos
centos
postfix security update
2011-04-08 12:13:18
ubuntu
ubuntu
Postfix vulnerabilities
2011-04-18 00:00:00
kitploit
kitploit
Vision2 - Nmap's XML result parse and NVD's CPE correlation to search CVE
2017-09-08 13:30:00
oracle
oracle
cpuapr2011
2011-04-19 00:00:00

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.897 High

EPSS

Percentile

98.7%

JSON
Related for VU:555316
openvas51nessus51prion10cve10ubuntucve6debiancve5freebsd3securityvulns8veracode1oraclelinux2redhat2fedora5hackerone1gentoo2debian2osv3checkpoint_advisories1centos1ubuntu1kitploit1oracle1