CVE-2014-3556

The STARTTLS implementation in mail/ngxmailsmtphandler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command...

nginx < 1.6.1 / 1.7.4 SMTP STARTTLS Command Injection

According to the self-reported version in the server response header, the version of nginx installed on the remote host is 1.5.6 or higher, 1.6.x prior to 1.6.1, or 1.7.x prior to 1.7.4. It is, therefore, affected by a command injection vulnerability. A flaw exists in the function...