61 matches found
EUVD-2014-7146
Malware in sbrugna...
EUVD-2004-0879
Malware in sbrugna...
EUVD-2014-7145
Malware in sbrugna...
EUVD-2004-0878
Malware in sbrugna...
OPENSUSE-SU-2024:10525-1 getmail-4.46.0-1.2 on GA media
These are all security issues fixed in the getmail-4.46.0-1.2 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2014-7274
The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certifica...
SUSE CVE-2014-7273
The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate...
SUSE CVE-2014-7275
The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate...
Mageia: Security Advisory (MGASA-2014-0450)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201412-50
Gentoo Linux Local Security Checks GLSA 201412-50 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
GLSA-201412-50 : getmail: Information disclosure
The remote host is affected by the vulnerability described in GLSA-201412-50 getmail: Information disclosure Multiple vulnerabilities have been discovered in getmail. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a man-in-the-middle attack...
getmail: Information disclosure
Background getmail is a POP3 mail retriever with reliable Maildir and mbox delivery. Description Multiple vulnerabilities have been discovered in getmail. Please review the CVE identifiers referenced below for details. Impact A remote attacker could cause a man-in-the-middle attack via multiple...
getmail security vulnerabilities
Multiple vulnerabilities in certificates check...
MGASA-2014-0450 Updated getmail package fixes security vulnerabilities
The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate CVE-2014-7273. The IMAP-over-SSL implementation in getmai...
Updated getmail package fixes security vulnerabilities
The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate CVE-2014-7273. The IMAP-over-SSL implementation in getmai...
openSUSE Security Update : getmail (openSUSE-SU-2014:1315-1)
getmail 4.46.0 bnc900217 This release fixes several similar vulnerabilities that could allow a man-in-the-middle attacker to read encrypted traffic due to pack of certificate verification against the hostname. - fix --idle checking Python version incorrectly, resulting in incorrect warning about...
CVE-2014-7275
The POP3-over-SSL implementation in getmail 4.0.0 through 4.44.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof POP3 servers and obtain sensitive information via a crafted certificate...
CVE-2014-7274
The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certifica...
CVE-2014-7273
The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certifica...