RSS   Vulnerabilities for 'Scoofficeserver'   RSS

2011-03-16
 
CVE-2011-1432

CWE-Other
 

 
The STARTTLS implementation in SCO SCOoffice Server does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411.

 

 >>> Vendor: SCO 15 Products
Unixware
Open desktop
Openserver
UNIX
Internet faststart
Tcp ip
Open desktop lite
CMW
Openserver enterprise system
Openserver network system
Openlinux server
Openlinux workstation
Open unix
Reliantha
Scoofficeserver


Copyright 2024, cxsecurity.com

 

Back to Top