Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2013-4584

HistoryNov 15, 2019 - 3:15 p.m.

CVE-2013-4584

2019-11-1515:15:11

Debian Security Bug Tracker

security-tracker.debian.org

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.009 Low

EPSS

Percentile

82.9%

JSON

Perdition before 2.2 may have weak security when handling outbound connections, caused by an error in the STARTTLS IMAP and POP server. ssl_outgoing_ciphers not being applied to STARTTLS connections

OSVersionArchitecturePackageVersionFilename
Debian12allperdition< 2.1-1perdition_2.1-1_all.deb
Debian11allperdition< 2.1-1perdition_2.1-1_all.deb
Debian999allperdition< 2.1-1perdition_2.1-1_all.deb
Debian13allperdition< 2.1-1perdition_2.1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	perdition	< 2.1-1	perdition_2.1-1_all.deb
Debian	11	all	perdition	< 2.1-1	perdition_2.1-1_all.deb
Debian	999	all	perdition	< 2.1-1	perdition_2.1-1_all.deb
Debian	13	all	perdition	< 2.1-1	perdition_2.1-1_all.deb

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for DEBIANCVE:CVE-2013-4584