Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2014-2576

Опубликовано: 15 окт. 2014
Источник: debian
EPSS Низкий

Описание

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
claws-mailfixed3.10.1-1package
claws-mailnot-affectedwheezypackage
claws-mailnot-affectedsqueezepackage
claws-mail-extra-pluginsremovedpackage
claws-mail-extra-pluginsno-dsasqueezepackage
claws-mail-extra-pluginsno-dsawheezypackage

Примечания

  • http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3106

EPSS

Процентиль: 71%
0.00669
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2014-2576

ubuntu
больше 11 лет назад

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

nvd логотип

CVE-2014-2576

nvd
больше 11 лет назад

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

github логотип

GHSA-fc99-wqm7-mj5r

github
больше 3 лет назад

plugins/rssyl/feed.c in Claws Mail before 3.10.0 disables the CURLOPT_SSL_VERIFYHOST check for CN or SAN host name fields, which makes it easier for remote attackers to spoof servers and conduct man-in-the-middle (MITM) attacks.

EPSS

Процентиль: 71%
0.00669
Низкий