16 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9604
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs...
SUSE CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
Fedora 26 : kmail (2017-63fbea2273)
CVE-2017-9604 kmail: Send Later with Delay bypasses OpenPGP Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additiona...
Fedora 26 : kf5-messagelib (2017-4d03055306)
Security fix for CVE-2017-9604 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora 25 : kf5-messagelib (2017-bb1ecba1bc)
Security fix for CVE-2017-9604 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
Fedora Update for kmail FEDORA-2017-f68c93aaac
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : kdepim4 (openSUSE-2017-755)
This update for kdepim4 fixes the following issues : - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210 The package kdepim-addons was updated to conflict with 4.x based akonadi package to prevent file conflicts. boo1045936 %NASLMINLEVEL 703...
openSUSE Security Update : kdepim / messagelib (openSUSE-2017-756)
This update for kdepim and messagelib fixes the following issues : - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
OPENSUSE-SU-2017:1756-1 Security update for kdepim, messagelib
This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...
OPENSUSE-SU-2017:1748-1 Security update for kdepim, messagelib
This update for kdepim and messagelib fixes the following issues: - CVE-2017-9604: The kmail 'send later' function does not have 'sign/encryption' action ensured. boo1044210...
CVE-2017-9604
It was found that KMail's Send Later with Delay function bypassed OpenPGP signing and encryption, causing the message to be sent unsigned and in plain-text. A remote attacker, with access to the user's network traffic, could potentially use this flaw to obtain sensitive information from the...
[ASA-201706-17] messagelib: information disclosure
Arch Linux Security Advisory ASA-201706-17 ========================================== Severity: Medium Date : 2017-06-14 CVE-ID : CVE-2017-9604 Package : messagelib Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-300 Summary ======= The package messagelib befo...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network...
CVE-2017-9604
CVE-2017-9604 details (Mode C): Affected software uses KDE PIM components: kmail and messagelib (KDE Applications before 17.04.2), with the issue occurring in the Send Later flow. The root cause is that the plugin’s sign/encrypt action is not guaranteed to occur during Send Later, enabling potent...