oss-sec mailing list archives
CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass
From: "Matthias Andree" <matthias.andree () gmx de>
Date: Wed, 05 Aug 2009 17:14:36 +0200
Greetings,fetchmail <= 6.3.10 is susceptible to NUL prefix certificates such as www.paypal.com\0.reknowned.site.example.
Is there a global CVE ID to collect this vulnerability that is supposed to be reused by applications?
If there is, please let me know. If there is not, please assign a new CVE Id. Thanks -- Matthias Andree
Current thread:
- CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Matthias Andree (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Tomas Hoger (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Matthias Andree (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Steven M. Christey (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Tomas Hoger (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Matthias Andree (Aug 05)
- Re: "umbrella" CVE names (was: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass) Matthias Andree (Aug 21)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Tomas Hoger (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Matthias Andree (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Henri Salo (Aug 05)
- Re: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Tomas Hoger (Aug 05)
