Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2024/08/17 12:0 a.m.19 views

openSUSE 15 Security Update : python-aiosmtpd (openSUSE-SU-2024:0243-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2024:0243-1 advisory. - CVE-2024-34083: Fixed MiTM attack could inject extra unencrypted commands after STARTTLS boo1224467 - CVE-2024-27305: Fixed SMTP smuggling...

5.4CVSS5.8AI score0.00371EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2024/08/17 12:0 a.m.10 views

openSUSE Security Advisory (openSUSE-SU-2024:0243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.3AI score0.00371EPSS
Exploits0References4
OSV
OSV
added 2024/06/07 11:8 a.m.5 views

OESA-2024-1696 python-aiosmtpd security update

This is a server for SMTP and related protocols, similar in utility to the standard library's smtpd.py module, but rewritten to be based on asyncio for Python 3. Security Fixes: aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on...

5.4CVSS7AI score0.00228EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/18 6:12 p.m.12 views

CVE-2024-34083 STARTTLS unencrypted commands injection

aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-in-the-middle...

5.4CVSS6.8AI score0.00228EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/18 6:12 p.m.38 views

CVE-2024-34083 STARTTLS unencrypted commands injection

aiosmptd is a reimplementation of the Python stdlib smtpd.py based on asyncio. Prior to version 1.4.6, servers based on aiosmtpd accept extra unencrypted commands after STARTTLS, treating them as if they came from inside the encrypted connection. This could be exploited by a man-in-the-middle...

5.4CVSS5.4AI score0.00228EPSS
Exploits0References3
Rows per page
Query Builder