Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:27430
HistoryDec 12, 2011 - 12:00 a.m.

[USN-1295-1] Dovecot vulnerability

2011-12-1200:00:00
vulners.com
47
JSON

==========================================================================
Ubuntu Security Notice USN-1295-1
December 08, 2011

dovecot vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.10

Summary:

Dovecot could be made to expose sensitive information over the network.

Software Description:

  • dovecot: IMAP and POP3 email server

Details:

It was discovered that Dovecot incorrectly validated certificate hostnames
when being used as a POP3 and IMAP proxy. If a remote attacker were able to
perform a man-in-the-middle attack, this flaw could be exploited to view
sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
dovecot-common 1:2.0.13-1ubuntu3.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1295-1
CVE-2011-4318

Package Information:
https://launchpad.net/ubuntu/+source/dovecot/1:2.0.13-1ubuntu3.2

Related

veracode 1
openvas 8
debiancve 1
nessus 7
ubuntu 1
cve 1
prion 1
securityvulns 1
ubuntucve 1
centos 1
redhat 1
oraclelinux 1
veracode
veracode
Man-in-the-Middle (MitM)
2019-05-02 04:53:01
openvas
openvas
Ubuntu: Security Advisory (USN-1295-1)
2012-03-16 00:00:00
Ubuntu Update for dovecot USN-1295-1
2012-03-16 00:00:00
Dovecot 2.0.x < 2.0.16 Man In The Middle Vulnerability
2019-12-30 00:00:00
debiancve
debiancve
CVE-2011-4318
2013-03-07 01:55:00
nessus
nessus
openSUSE Security Update : dovecot20 (openSUSE-2011-88)
2014-06-13 00:00:00
Ubuntu 11.10 : dovecot vulnerability (USN-1295-1)
2011-12-09 00:00:00
openSUSE Security Update : dovecot20 (openSUSE-SU-2012:0219-1)
2014-06-13 00:00:00
ubuntu
ubuntu
Dovecot vulnerability
2011-12-08 00:00:00
cve
cve
CVE-2011-4318
2013-03-07 01:55:00
prion
prion
Code injection
2013-03-07 01:55:00
securityvulns
securityvulns
Dovecot insufficient SSL certificates validation
2011-12-12 00:00:00
ubuntucve
ubuntucve
CVE-2011-4318
2011-11-18 00:00:00
centos
centos
dovecot security update
2013-02-27 19:34:23
redhat
redhat
(RHSA-2013:0520) Low: dovecot security and bug fix update
2013-02-21 00:00:00
oraclelinux
oraclelinux
dovecot security and bug fix update
2013-02-22 00:00:00
JSON
Related for SECURITYVULNS:DOC:27430
veracode1openvas8debiancve1nessus7ubuntu1cve1prion1securityvulns1ubuntucve1centos1redhat1oraclelinux1