32 matches found
Gentoo Security Advisory GLSA 201206-34 (msmtp)
The remote host is missing updates announced in advisory GLSA 201206-34. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
GLSA-201206-34 : msmtp: X.509 NULL spoofing vulnerability
The remote host is affected by the vulnerability described in GLSA-201206-34 msmtp: X.509 NULL spoofing vulnerability A vulnerability have been discovered in msmtp. Please review the CVE identifier referenced below for details. Impact : A remote attacker might employ a specially crafted certifica...
msmtp: X.509 NULL spoofing vulnerability
Background msmtp is an SMTP client and SMTP plugin for mail user agents such as Mutt. Description A vulnerability have been discovered in msmtp. Please review the CVE identifier referenced below for details. Impact A remote attacker might employ a specially crafted certificate to conduct...
openSUSE Security Update : msmtp (msmtp-1813)
msmtp did not properly handle a '0' character in the domain name of SSL certificates CVE-2009-3942. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update msmtp-1813. The text description of this...
openSUSE Security Update : msmtp (msmtp-1813)
msmtp did not properly handle a '0' character in the domain name of SSL certificates CVE-2009-3942. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update msmtp-1813. The text description of this...
openSUSE Security Update : msmtp (msmtp-1813)
msmtp did not properly handle a '0' character in the domain name of SSL certificates CVE-2009-3942. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update msmtp-1813. The text description of this...
CVE-2009-3942
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2009-3942
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
Design/Logic Flaw
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2009-3942
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...
CVE-2009-3942
Technical details about CVE-2009-3942 are not publicly available in the provided connected documents. The materials do not specify affected products, versions, root cause, or remediation. Monitor for updates and new advisories.
CVE-2009-3942
Martin Lambers msmtp before 1.4.19, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the 1 subject's Common Name or 2 Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted...