Lucene search
Veracode Vulnerability DatabaseVERACODE:25965HistoryJul 28, 2020 - 3:26 a.m.
CRLF Injection
2020-07-2803:26:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
libetpan vulnerability
crlf injection
starttls buffering
imap
smtp
pop3
man-in-the-middle
EPSS
0.013
Percentile
86.1%
libetpan is vulnerable to CRLF Injection. Due to STARTTLS buffering issue affecting IMAP, SMTP, and POP3, a man-in-the-middle can inject additional data in “begin TLS” response from the server.
References
lists.opensuse.org/opensuse-security-announce/2020-09/msg00060.html
lists.opensuse.org/opensuse-security-announce/2020-09/msg00075.html
github.com/dinhvh/libetpan/commit/298460a2adaabd2f28f417a0f106cb3b68d27df9
github.com/dinhvh/libetpan/issues/386
lists.debian.org/debian-lts-announce/2020/08/msg00026.html
lists.fedoraproject.org/archives/list/[email protected]/message/M65FVH5XPS23NLHFN3ABEGBSCHZAISXN/
lists.fedoraproject.org/archives/list/[email protected]/message/QFBWNA5REI5ZGW2DAOEAVHM23MOU6O5J/
security.gentoo.org/glsa/202007-55
Related
ubuntu
ubuntu
LibEtPan vulnerability
2020-10-22 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libetpan version 1.9.4-alt2
2020-10-05 00:00:00
Security fix for the ALT Linux 10 package libetpan version 1.9.4-alt2
2020-10-01 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : LibEtPan vulnerability (USN-4598-1)
2020-10-22 00:00:00
openSUSE Security Update : libetpan (openSUSE-2020-1454)
2020-09-21 00:00:00
Debian DLA-2329-1 : libetpan security update
2020-08-18 00:00:00
suse
suse
Security update for libetpan (moderate)
2020-09-19 00:00:00
Security update for libetpan (moderate)
2020-09-22 00:00:00
debian
debian
[SECURITY] [DLA 2329-1] libetpan security update
2020-08-16 12:00:14
prion
prion
Design/Logic Flaw
2020-07-27 07:15:00
nvd
nvd
CVE-2020-15953
2020-07-27 07:15:10
gentoo
gentoo
libetpan: Improper STARTTLS handling
2020-07-28 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2020-0366)
2022-01-28 00:00:00
openSUSE: Security Advisory for libetpan (openSUSE-SU-2020:1454-1)
2020-09-20 00:00:00
Debian: Security Advisory (DLA-2329-1)
2020-08-17 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: libetpan-1.9.4-4.fc32
2020-08-19 00:52:03
[SECURITY] Fedora 31 Update: libetpan-1.9.3-3.fc31
2020-08-19 01:02:01
osv
osv
CVE-2020-15953
2020-07-27 07:15:10
libetpan vulnerability
2020-10-22 13:22:09
libetpan - security update
2020-08-16 00:00:00
ubuntucve
ubuntucve
CVE-2020-15953
2020-07-27 00:00:00
cve
cve
CVE-2020-15953
2020-07-27 07:15:10
mageia
mageia
Updated libetpan packages fix a security vulnerability
2020-09-15 14:45:52
alpinelinux
alpinelinux
CVE-2020-15953
2020-07-27 07:15:10
debiancve
debiancve
CVE-2020-15953
2020-07-27 07:15:10
cvelist
cvelist
CVE-2020-15953
2020-07-27 06:07:04