|
|
Subscribe / Log in / New account

dovecot: certificate validation flaw

Package(s):dovecot CVE #(s):CVE-2011-4318
Created:December 9, 2011 Updated:February 21, 2013
Description:

From the Ubuntu advisory:

It was discovered that Dovecot incorrectly validated certificate hostnames when being used as a POP3 and IMAP proxy. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information.

Alerts:
CentOS CESA-2013:0520 dovecot 2013-03-09
Scientific Linux SL-dove-20130304 dovecot 2013-03-04
Oracle ELSA-2013-0520 dovecot 2013-02-25
Red Hat RHSA-2013:0520-02 dovecot 2013-02-21
openSUSE openSUSE-SU-2012:0219-1 dovecot20 2012-02-09
Fedora FEDORA-2011-16234 dovecot 2011-11-23
Fedora FEDORA-2011-16272 dovecot 2011-11-23
Ubuntu USN-1295-1 dovecot 2011-12-08
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds