spamdyke -- STARTTLS Plaintext Injection Vulnerability
The vulnerability is caused due to the TLS implementation not
properly clearing transport layer buffers when upgrading from
plaintext to ciphertext after receiving the "STARTTLS" command.
This can be exploited to insert arbitrary plaintext data (e.g.
SMTP commands) during the plaintext phase, which will then be
executed after upgrading to the TLS ciphertext phase.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright