Описание
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| offlineimap | fixed | 6.3.2~rc3-2 | package | |
| offlineimap | no-dsa | squeeze | package | |
| offlineimap | no-dsa | lenny | package |
Связанные уязвимости
CVSS3: 5.9
ubuntu
около 6 лет назад
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.
CVSS3: 5.9
nvd
около 6 лет назад
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.
github
больше 3 лет назад
offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which can allow man-in-the-middle attacks.