92 matches found
CVE-2010-1194
The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName...
CVE-2010-1192
libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification...
RHEL 2.1 : balsa (RHSA-2003:111)
Updated Balsa packages are available which fix potential vulnerabilities in the IMAP handling code and in libesmtp. Balsa is a GNOME email client which includes code from Mutt. A potential buffer overflow exists in Balsa versions 1.2 and higher when parsing mailbox names returned by an IMAP serve...
Important: Red Hat Security Advisory: balsa security update
Updated Balsa packages are available which fix potential vulnerabilities in the IMAP handling code and in libesmtp. Balsa is a GNOME email client which includes code from Mutt. A potential buffer overflow exists in Balsa versions 1.2 and higher when parsing mailbox names returned by an IMAP serve...
[CLA-2003:630] Conectiva Security Announcement - balsa
CONECTIVA LINUX SECURITY ANNOUNCEMENT. PACKAGE: balsa. SUMMARY: Buffer overflow in IMAP code and ...
Important: Red Hat Security Advisory: Updated balsa and mutt packages fix vulnerabilities
New Balsa, Mutt, and libesmtp packages that fix potential buffer overflow vulnerabilities are now available. Mutt is a text-mode email client. Balsa is a GNOME email client which includes code from Mutt. A potential buffer overflow in Mutt version 1.4 exists when parsing mailbox names returned by...
DEBIAN-CVE-2002-1090
Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses...
CVE-2002-1090
Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses...
CVE-2002-1090
CVE-2002-1090 affects libesmtp prior to 0.8.11, where a buffer overflow in read_smtp_response() in protocol.c lets a remote SMTP server trigger arbitrary code execution or a denial of service via long responses. Public records show mitigations in libesmtp 0.8.11+ (e.g., updates bundled with Balsa...