STARTTLS plaintext command injection vulnerability

Overview Some STARTTLS implementations could allow a remote attacker to inject commands during the plaintext phase of the protocol. Description STARTTLS is an extension to plaintext communication protocols that offers a way to upgrade a plaintext connection to an encrypted TLS or SSL connection...

[CAN-2005-1062] Administration protocol abuse allows local/remote password cracking

Secure Computer Group - University of A Coruna http://research.tic.udc.es/scg/ -- x -- dotpi.com Information Technologies Research Labs http://www.dotpi.com ID: 20050429-1 Document title: Administration protocol abuse allows local/remote password cracking Document revision: 1.0 Coordinated releas...