The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, allowing man-in-the-middle attackers to insert commands into encrypted sessions
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
securityvulns | [ MDVSA-2011:100 ] cyrus-imapd | 25 May 201100:00 | – | securityvulns |
securityvulns | STARTTLS vulnerability in different mail applications | 4 Oct 201200:00 | – | securityvulns |
securityvulns | Plaintext injection in STARTTLS (multiple implementations) | 10 Mar 201100:00 | – | securityvulns |
securityvulns | [ MDVSA-2012:156 ] inn | 4 Oct 201200:00 | – | securityvulns |
securityvulns | [SECURITY] [DSA 2346-1] proftpd-dfsg security update | 21 Nov 201100:00 | – | securityvulns |
UbuntuCve | CVE-2011-1926 | 23 May 201100:00 | – | ubuntucve |
UbuntuCve | CVE-2011-0411 | 16 Mar 201100:00 | – | ubuntucve |
UbuntuCve | CVE-2012-3523 | 11 Nov 201200:00 | – | ubuntucve |
UbuntuCve | CVE-2011-1431 | 16 Mar 201100:00 | – | ubuntucve |
UbuntuCve | CVE-2011-1575 | 23 May 201100:00 | – | ubuntucve |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo