CVE-2010-4533

Опубликовано: 13 нояб. 2019

Источник: debian

Описание

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
offlineimap	fixed	6.3.4-1		package
offlineimap	no-dsa		squeeze	package
offlineimap	no-dsa		lenny	package

Примечания

offlineimap uses the "ssl" standard lib in Python, marking the version of offlineimap in wheezy as fixed

Связанные уязвимости

CVE-2010-4533

CVSS3: 9.8

ubuntu

около 6 лет назад

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.

CVE-2010-4533

CVSS3: 9.8

nvd

около 6 лет назад

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.

GHSA-j6qj-vq58-68qh

github

больше 3 лет назад

offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possible to use SSL v2 protocol, which is a flawed protocol with multiple security deficiencies.