Lucene search

K

MitreCVELIST:CVE-2021-39272

HistoryAug 30, 2021 - 5:05 a.m.

CVE-2021-39272

2021-08-3005:05:26

mitre

www.cve.org

8

fetchmail

starttls

encryption

imap

preauth

AI Score

6

Confidence

High

EPSS

0.002

Percentile

55.7%

Fetchmail before 6.4.22 fails to enforce STARTTLS session encryption in some circumstances, such as a certain situation with IMAP and PREAUTH.

References

www.openwall.com/lists/oss-security/2021/08/27/3

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3XJ6XLEJCEZCAM5LGGD6XBCC522QLG4/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VXMKSEHAQSEDCWZMAOJEGX3P3JW6QY6H/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZYCYLL73NP7ALJWSDICIVSA47ZIXWSSA/

nostarttls.secvuln.info/

security.gentoo.org/glsa/202209-14

www.fetchmail.info/security.html

AI Score

6

Confidence

High

EPSS

0.002

Percentile

55.7%

Related for CVELIST:CVE-2021-39272

nessus17 fedora3 openvas11 cve1 osv3 debiancve1 redhatcve1 suse4 alpinelinux1 prion1 veracode1 cbl_mariner1 nvd1 freebsd1 mageia1 ubuntucve1 almalinux1 oraclelinux1 rocky1 gentoo1 redhat1