208 matches found
EulerOS 2.0 SP5 : mutt (EulerOS-SA-2020-2258)
According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.CVE-2020-14093 - Mutt before 1.14.4 and NeoMutt befo...
EulerOS 2.0 SP3 : mutt (EulerOS-SA-2020-2109)
According to the versions of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.CVE-2020-14093 - Mutt before 1.14.4 and NeoMutt befo...
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2020:2167-1)
This update for LibVNCServer fixes the following issues : security update fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 bsc1173876, unaligned accesses in...
SUSE-SU-2020:2167-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 bsc1173876, unaligned accesses in...
Insecure Connection
Alpine silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do...
DEBIAN-CVE-2020-16118
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imapmboxconnect in libbalsa/imap/imap-handle.c...
CVE-2020-16118
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imapmboxconnect in libbalsa/imap/imap-handle.c...
UBUNTU-CVE-2020-16118
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imapmboxconnect in libbalsa/imap/imap-handle.c...
PT-2020-14758 · Gnome +1 · Gnome Balsa +1
Name of the Vulnerable Software and Affected Versions: GNOME Balsa versions prior to 2.6.0 Description: A malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap mbox connect in libbalsa/imap/imap-handle.c. This...
openSUSE Security Update : LibVNCServer (openSUSE-2020-1056)
This update for LibVNCServer fixes the following issues : - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock...
OPENSUSE-SU-2020:1056-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
openSUSE Security Update : mutt (openSUSE-2020-915)
This update for mutt fixes the following issues : - CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 bsc1173197. - CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response bsc1172906, bsc1172935. -...
OPENSUSE-SU-2020:0988-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2020:1922-1)
This update for LibVNCServer fixes the following issues : security update added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock +...
SUSE-SU-2020:1922-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
DEBIAN-CVE-2020-12398
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird 68.9.0...
CVE-2020-12398
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thunderbird 68.9.0...
CVE-2020-12398
CVE-2020-12398 affects Mozilla Thunderbird when STARTTLS is used for IMAP and the server sends PREAUTH, causing Thunderbird to proceed with an unencrypted connection and expose email data. Impact is described as information leakage due to unencrypted transmission; affected versions are Thunderbir...
SUSE SLED15 / SLES15 Security Update : mutt (SUSE-SU-2020:1771-1)
This update for mutt fixes the following issues : CVE-2020-14954: Fixed a response injection due to a STARTTLS buffering issue which was affecting IMAP, SMTP, and POP3 bsc1173197. CVE-2020-14093: Fixed a potential IMAP Man-in-the-Middle attack via a PREAUTH response bsc1172906, bsc1172935...
openSUSE: Security Advisory for mutt (openSUSE-SU-2020:0915-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...