6 matches found
pybind: Improper use of Pybind
A flaw was found in Ceph. An attacker can allow Ceph to accept any certificate because no certificate context is passed via Pybind to the constructors imaplib.IMAP4SSL or smtplib.SMTPSSL. As a result, pybind pybind does not check the server's X.509 certificate, instead accepting any certificate...
PT-2024-41772
Name of the Vulnerable Software and Affected Versions Ceph affected versions not specified Description An issue exists in Ceph related to incorrect certificate checking when using Pybind. This flaw could allow an attacker to perform a Man In the Middle MITM attack, potentially compromising mail...
CVE-2019-4296
IBM Robotic Process Automation with Automation Anywhere 11 information disclosure could allow a local user to obtain e-mail contents from the client debug log file. IBM X-Force ID: 160759...
mail/trojita -- may leak mail contents (not user credentials) over unencrypted connection
Jan Kundrát reports: An SSL stripping vulnerability was discovered in Trojitá, a fast Qt IMAP e-mail client. User's credentials are never leaked, but if a user tries to send an e-mail, the automatic saving into the "sent" or "draft" folders could happen over a plaintext connection even if the...
CVE-2006-4001
CVE-2006-4001 concerns Barracuda Spam Firewall (BSF): affected firmware versions 3.3.01.001–3.3.03.053 contain a hard-coded password for the guest account, enabling remote attackers to read sensitive data such as e-mail logs and potentially e-mail contents and the admin password. Related connecte...
CVE-2006-4001
Login.pm in Barracuda Spam Firewall BSF 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password...