Mageia: Security Advisory (MGASA-2014-0450)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-7274

The IMAP-over-SSL implementation in getmail 4.44.0 does not verify that the server hostname matches a domain name in the subject's Common Name CN field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certifica...

CVE-2014-7273

CVE-2014-7273 affects getmail up to version 4.43.0, where IMAP-over-SSL does not verify X.509 certificates, enabling MITM attacks and potential disclosure of sensitive data. Remediation: upgrade to getmail 4.46.0 (or newer, e.g., 4.46.0-1/4.46.0-1~deb6u1 per Debian) where the issue is fixed. Rela...

CVE-2014-7273

The IMAP-over-SSL implementation in getmail 4.0.0 through 4.43.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof IMAP servers and obtain sensitive information via a crafted certificate...