exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2011-4318

больше 12 лет назад

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.

CVSS2: 5.8

EPSS: Низкий

CVE-2011-4318

почти 14 лет назад

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.

CVSS2: 5.8

EPSS: Низкий

CVE-2011-4318

больше 12 лет назад

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.

CVSS2: 5.8

EPSS: Низкий

CVE-2011-4318

больше 12 лет назад

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostn ...

CVSS2: 5.8

EPSS: Низкий

GHSA-w2rf-p589-jpp8

больше 3 лет назад

Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.

EPSS: Низкий

ELSA-2013-0520

больше 12 лет назад

ELSA-2013-0520: dovecot security and bug fix update (LOW)

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2011-4318 Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.	CVSS2: 5.8	1% Низкий	больше 12 лет назад
CVE-2011-4318 Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.	CVSS2: 5.8	1% Низкий	почти 14 лет назад
CVE-2011-4318 Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.	CVSS2: 5.8	1% Низкий	больше 12 лет назад
CVE-2011-4318 Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostn ...	CVSS2: 5.8	1% Низкий	больше 12 лет назад
GHSA-w2rf-p589-jpp8 Dovecot 2.0.x before 2.0.16, when ssl or starttls is enabled and hostname is used to define the proxy destination, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a valid certificate for a different hostname.		1% Низкий	больше 3 лет назад
ELSA-2013-0520 ELSA-2013-0520: dovecot security and bug fix update (LOW)			больше 12 лет назад

Уязвимостей на страницу