Lucene search
K

33 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:28 a.m.2 views

SUSE CVE-2014-3556

The STARTTLS implementation in mail/ngxmailsmtphandler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command...

6.8CVSS7.1AI score0.07832EPSS
Exploits0References3
OSV
OSV
added 2022/03/07 11:3 a.m.4 views

OESA-2022-1561 mutt security update

Mutt is a small but very powerful text-based mail client for Unix operating systems. Security Fixes: Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g...

5.9CVSS6.9AI score0.02288EPSS
Exploits0References2
OSV
OSV
added 2022/01/06 6:15 p.m.7 views

CVE-2021-28714

Guest can force Linux netback driver to hog large amounts of kernel memory This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Incoming data packets for a guest in the Linux kernel's netback driver are buffered until the...

6.5CVSS6.6AI score
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/06/09 12:0 a.m.5 views

PT-2021-20241 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 7.22 through 7.84 Description: The issue allows an unauthorized attacker to insert cleartext commands into encrypted SMTP sessions over the network due to improper restriction of I/O buffering. This can partiall...

5.8CVSS5.3AI score0.00766EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/10/30 12:0 a.m.45 views

EulerOS 2.0 SP5 : mutt (EulerOS-SA-2020-2258)

According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.CVE-2020-14093 - Mutt before 1.14.4 and NeoMutt befo...

5.9CVSS6.3AI score0.02288EPSS
Exploits0References4
CVE
CVE
added 2020/07/27 6:7 a.m.188 views

CVE-2020-15953

LibEtPan ≤ 1.9.4 (used in MailCore 2 ≤ 0.6.3 and related products) contains a STARTTLS buffering issue that enables response injection during TLS negotiation across IMAP, SMTP, and POP3. The root cause is improper handling when a server responds with begin TLS, causing the client to read extra da...

7.4CVSS7.1AI score0.02393EPSS
Exploits1References7Affected Software1
Prion
Prion
added 2020/07/17 4:15 p.m.20 views

Design/Logic Flaw

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...

4.3CVSS5.5AI score0.02808EPSS
Exploits1References10Affected Software4
Debian CVE
Debian CVE
added 2020/07/17 3:30 p.m.25 views

CVE-2020-14928

evolution-data-server eds through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."...

5.9CVSS6AI score0.02808EPSS
Exploits1
OpenVAS
OpenVAS
added 2020/06/30 12:0 a.m.29 views

openSUSE: Security Advisory for mutt (openSUSE-SU-2020:0903-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS6.1AI score0.02288EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/06/30 12:0 a.m.28 views

openSUSE: Security Advisory for mutt (openSUSE-SU-2020:0915-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS6.1AI score0.02288EPSS
Exploits0References2
Prion
Prion
added 2020/06/21 5:15 p.m.15 views

Design/Logic Flaw

Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data e.g., from a man-in-the-middle attacker and evaluates it in a TLS context, aka "response injection."...

4.3CVSS5.5AI score0.02288EPSS
Exploits0References16Affected Software6
Positive Technologies
Positive Technologies
added 2020/06/19 12:0 a.m.2 views

PT-2020-5911 · Mutt +5 · Mutt +5

Name of the Vulnerable Software and Affected Versions: Mutt versions prior to 1.14.4 NeoMutt versions prior to 2020-06-19 Description: The issue is related to a STARTTLS buffering problem that affects IMAP, SMTP, and POP3 protocols. When a server sends a "begin TLS" response, the client reads...

9.8CVSS6.6AI score0.06229EPSS
Exploits3References169
Microsoft KB
Microsoft KB
added 2018/08/23 12:0 a.m.5 views

March 22, 2018—KB4088882 (Preview of Monthly Rollup)

March 22, 2018—KB4088882 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4088876 released March 13, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Addresses an...

7AI score
Exploits0
Rows per page
Query Builder