19 matches found
EUVD-2019-17727
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-8337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked. CVE-2019-8337 Note th...
OPENSUSE-SU-2024:11615-1 mpop-1.4.14-1.1 on GA media
These are all security issues fixed in the mpop-1.4.14-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
UBUNTU-CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
DEBIAN-CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
Default configuration
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
CVE-2019-8337
In msmtp 1.8.2 and mpop 1.4.3, when tlstrustfile has its default configuration, certificate-verification results are not properly checked...
CVE-2019-8337
CVE-2019-8337 affects msmtp 1.8.2 and mpop 1.4.3, where, with the default tls_trust_file configuration, certificate-verification results are not properly checked. This can lead to certificate verification bypass for TLS connections, per multiple sources in the provided material. The Arch Linux ad...
Mail.ru: [e.mail.ru] Stored xss in Mpop cookie
XSS on e.mail.ru domain via cookie content XSS in cookie via mitm. Good article - https://habr.com/en/post/460101/ by @w2w...
CVE-2009-3941
Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
Design/Logic Flaw
Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2009-3941
Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2009-3941
Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2009-3941
Technical details about CVE-2009-3941 are not publicly provided in the supplied connected documents. Monitor for updates.
CVE-2009-3941
Martin Lambers mpop before 1.0.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...