24 matches found
Oracle: Security Advisory (ELSA-2009-1427)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 5 : fetchmail (ELSA-2009-1427)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-1427 advisory. 6.3.6-1.1.el53.1 - Fix fetchmail various flaws CVE-2007-4565, CVE-2008-2711, CVE-2009-2666 Resolves: 516269 Tenable has extracted the preceding...
Slackware Advisory SSA:2009-218-01 fetchmail
The remote host is missing an update as announced via advisory SSA:2009-218-01. OpenVAS Vulnerability Test $Id: esoftslkssa200921801.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
Gentoo Security Advisory GLSA 201006-12 (fetchmail)
The remote host is missing updates announced in advisory GLSA 201006-12. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Security fix for the ALT Linux 6 package fetchmail version 6.3.13-alt1
Jan. 1, 2010 Afanasov Dmitry 6.3.13-alt1 - 6.3.13 + new "softbounce" global option; + CVE-2009-2666: improper SSL/TLS X.509 certificates validation fixed in 6.3.11; + translation updates; see NEWS for details...
SLES10: Security update for fetchmail
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: fetchmail fetchmailconf More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references...
SLES11: Security update for fetchmail
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: fetchmail fetchmailconf More details may also be found by searching for the SuSE Enterprise Server 11 patch database linked in the references...
SLES9: Security update for fetchmail
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: fetchmail fetchmailconf For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 505530...
SLES9: Security update for fetchmail
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: fetchmail fetchmailconf For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 505530...
openSUSE 10 Security Update : fetchmail (fetchmail-6410)
This update of fetchmail improves SSL certificate validation to stop possible man-in-the-middle attacks by inserting \0-character in the certificate's subject name. CVE-2009-2666 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
SuSE 11 Security Update : fetchmail (SAT Patch Number 1171)
This update of fetchmail improves SSL certificate validation to stop possible man-in-the-middle attacks by inserting \0-character in the certificate's subject name. CVE-2009-2666 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
SuSE9 Security Update : fetchmail (YOU Patch Number 12468)
This update of fetchmail improves SSL certificate validation to stop possible man-in-the-middle attacks by inserting \0-character in the certificate's subject name. CVE-2009-2666 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
Fedora Core 10 FEDORA-2009-8770 (fetchmail)
The remote host is missing an update to fetchmail announced via advisory FEDORA-2009-8770. OpenVAS Vulnerability Test $Id: fcore20098770.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-8770 fetchmail Authors: Thomas Reinke Copyright: Copyright c 200...
fetchmail security update
6.3.6-1.1.el53.1 - Fix fetchmail various flaws CVE-2007-4565, CVE-2008-2711, CVE-2009-2666 Resolves: 516269...
Fedora Core 10 FEDORA-2009-8770 (fetchmail)
The remote host is missing an update to fetchmail announced via advisory FEDORA-2009-8770. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
Fedora Core 11 FEDORA-2009-8780 (fetchmail)
The remote host is missing an update to fetchmail announced via advisory FEDORA-2009-8780. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
Ubuntu USN-816-1 (fetchmail)
The remote host is missing an update to fetchmail announced via advisory USN-816-1. OpenVAS Vulnerability Test $Id: ubuntu8161.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu8161.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-816-1 fetchmail Authors: Thoma...
openSUSE Security Update : fetchmail (fetchmail-1179)
This update of fetchmail improves SSL certificate validation to stop possible man-in-the-middle attacks by inserting \0-character in the certificate's subject name. CVE-2009-2666 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
Fetchmail SSL证书空字符验证漏洞
BUGTRAQ ID: 35951 CVECAN ID: CVE-2009-2666 Fetchmail是免费的软件包,可以从远程POP2、POP3、IMAP、ETRN或ODMR服务器检索邮件并将其转发给本地SMTP、LMTP服务器或消息传送代理。 一些CA所签名的证书在ITU-T X.509证书的Common Name或subjectAltName字段中包含有嵌入的空字符,Fetchmail在处理这种X.509字符串时会将其处理为终止符,因此只会检查空字符的之前部分。例如,名称为www.good.example\0www.bad.example.com...
[SECURITY] [DSA 1852-1] New fetchmail packages fix SSL certificate verification weakness
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1852-1 [email protected] http://www.debian.org/security/ Nico Golde August 7th, 2009 http://www.debian.org/security/faq -...