FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-0411

This CVE name corresponds to:

Entered Topic
2012-08-25 inn -- plaintext command injection into encrypted channel
2011-03-19 postfix -- plaintext command injection with SMTP over TLS

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-0411 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-0411
Phase Assigned(20110111)

Description

The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.

References

Source Reference
CONFIRM http://www.kb.cert.org/vuls/id/MORO-8ELH6Z
CONFIRM http://www.postfix.org/CVE-2011-0411.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html
CONFIRM http://support.apple.com/kb/HT5002
APPLE APPLE-SA-2011-10-12-3
DEBIAN DSA-2233
FEDORA FEDORA-2011-3355
FEDORA FEDORA-2011-3394
GENTOO GLSA-201206-33
REDHAT RHSA-2011:0423
REDHAT RHSA-2011:0422
SUSE SUSE-SR:2011:009
CERT-VN VU#555316
BID 46767
OSVDB 71021
SECTRACK 1025179
SECUNIA 43646
SECUNIA 43874
VUPEN ADV-2011-0611
VUPEN ADV-2011-0752
VUPEN ADV-2011-0891
XF multiple-starttls-command-execution(65932)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.