89 matches found
CVE-2020-13645
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...
Design/Logic Flaw
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...
CVE-2020-13645
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...
CVE-2020-13645
Technical details for CVE-2020-13645 are not provided in the Connected documents. The Initial Description notes a hostname verification issue in GNOME glib-networking (GTlsClientConnection), but there are no product/version specifics beyond the CP4S remediation, so monitor for updates.
CVE-2020-13645
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...
CVE-2020-13645
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate...
fetchmail/mutt/evolution/...: APOP password disclosure vulnerability
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle MITM attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APOP, including 1 Thunderbird 1.x before 1.5.0.12 and...
Fedora Update for balsa FEDORA-2007-1447
Check for the Version of balsa OpenVAS Vulnerability Test Fedora Update for balsa FEDORA-2007-1447 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
Fedora Update for balsa FEDORA-2007-1447
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Gentoo Security Advisory GLSA 200710-17 (balsa)
The remote host is missing updates announced in advisory GLSA 200710-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200710-17 (balsa)
The remote host is missing updates announced in advisory GLSA 200710-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 300-1 (balsa)
The remote host is missing an update to balsa announced via advisory DSA 300-1. OpenVAS Vulnerability Test $Id: deb3001.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 300-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-300)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Stack overflow
Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...
CVE-2007-5007
Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...
CVE-2007-5007
Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...
CVE-2007-5007
Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...
DEBIAN-CVE-2007-5007
Stack-based buffer overflow in the irfetchseq function in balsa before 2.3.20 might allow remote IMAP servers to execute arbitrary code via a long response to a FETCH command...
Fedora 7 : balsa-2.3.17-2.fc7 (2007-1447)
Balsa is not really listed in the list but it also lacked the verification of the server challenge. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
[ GLSA 200710-17 ] Balsa: Buffer overflow
Gentoo Linux Security Advisory GLSA 200710-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...