Lucene search
+L

30 matches found

CVE
CVE
added 2019/07/30 6:33 p.m.155 views

CVE-2019-14383

CVE-2019-14383 affects libopenmpt prior to 0.4.2, where J2B parsing can trigger an assertion failure when handling debug STLs. Multiple third‑party advisories (SUSE/openSUSE updates and related OSS/OSV listings) confirm this vulnerability and show a fix was released in libopenmpt 0.4.2 and newer....

6.5CVSS6.2AI score0.01338EPSS
Exploits0References3Affected Software1
OpenVAS
OpenVAS
added 2019/02/26 12:0 a.m.60 views

SSL/TLS: POP3 Missing Support For STLS

The remote POP3 server does not support the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2014/04/09 12:0 a.m.15 views

SSL/TLS: POP3 'STLS' Command Detection

Checks if the remote POP3 server supports SSL/TLS with the Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...

Exploits0References1
NVD
NVD
added 2011/06/02 7:55 p.m.10 views

CVE-2011-1947

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a 1 STARTTLS or 2 STLS request, which allows remote servers to cause a denial of service application hang by acknowledging the request but not sending additional packets...

5CVSS6.4AI score0.02551EPSS
Exploits0References14
OSV
OSV
added 2011/06/02 7:55 p.m.5 views

CVE-2011-1947

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a 1 STARTTLS or 2 STLS request, which allows remote servers to cause a denial of service application hang by acknowledging the request but not sending additional packets...

6.7AI score
Exploits0References14
UbuntuCve
UbuntuCve
added 2011/06/02 7:55 p.m.24 views

CVE-2011-1947

fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a 1 STARTTLS or 2 STLS request, which allows remote servers to cause a denial of service application hang by acknowledging the request but not sending additional packets...

5CVSS7.2AI score0.02551EPSS
Exploits0References3
CVE
CVE
added 2011/06/02 7:0 p.m.70 views

CVE-2011-1947

CVE-2011-1947 affects fetchmail 5.9.9–6.3.19. The issue is an insufficient wait-time limiter after STARTTLS or STLS, allowing a remote server to trigger a denial-of-service (application hang) by acknowledging the request but sending no further packets. The provided documents confirm this vulnerab...

5CVSS6.4AI score0.02551EPSS
Exploits0References14Affected Software1
Tenable Nessus
Tenable Nessus
added 2011/03/10 12:0 a.m.486 views

POP3 Service STLS Plaintext Command Injection

The remote POP3 service contains a software flaw in its STLS implementation that could allow a remote, unauthenticated attacker to inject commands during the plaintext protocol phase that will be executed during the ciphertext protocol phase. Successful exploitation could allow an attacker to ste...

6.8CVSS8.3AI score0.16334EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2009/10/09 12:0 a.m.164 views

POP3 Service STLS Command Support

The remote POP3 service supports the use of the 'STLS' command to switch from a cleartext to an encrypted communications channel. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid42087; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate",...

5.6AI score
Exploits0References2
FreeBSD
FreeBSD
added 2007/01/04 12:0 a.m.37 views

fetchmail -- TLS enforcement problem/MITM attack/password exposure

Matthias Andree reports: Fetchmail has had several longstanding password disclosure vulnerabilities. sslcertck/sslfingerprint options should have implied "sslproto tls1" in order to enforce TLS negotiation, but did not. Even with "sslproto tls1" in the config, fetches would go ahead in plain text...

7.8CVSS6.7AI score0.04255EPSS
Exploits0References1
Rows per page
Query Builder