libESMTP NULL Character CA SSL Certificate Validation Security Bypass Vulnerability

Bugtraq ID: 38528
Class: Design Error
CVE: CVE-2010-1192
Remote: Yes
Local: No
Published: Mar 03 2010 12:00AM
Updated: Oct 04 2010 07:50PM
Credit: Kees Cook
Vulnerable: S.u.S.E. SUSE Linux Enterprise 11
S.u.S.E. openSUSE 11.2
S.u.S.E. openSUSE 11.1
S.u.S.E. openSUSE 11.0
MandrakeSoft Linux Mandrake 2010.1 x86_64
MandrakeSoft Linux Mandrake 2010.1
MandrakeSoft Linux Mandrake 2010.0 x86_64
MandrakeSoft Linux Mandrake 2010.0
MandrakeSoft Linux Mandrake 2009.1 x86_64
MandrakeSoft Linux Mandrake 2009.1
MandrakeSoft Linux Mandrake 2009.0 x86_64
MandrakeSoft Linux Mandrake 2009.0
MandrakeSoft Linux Mandrake 2008.0 x86_64
MandrakeSoft Linux Mandrake 2008.0
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
libesmtp libesmtp 1.0.4
libesmtp libesmtp 1.0
libesmtp libesmtp 0.8.12
libesmtp libesmtp 0.8.11
libesmtp libesmtp 0.8.10 p1
libesmtp libesmtp 0.8.10
libesmtp libesmtp 0.8.9
libesmtp libesmtp 0.8.4
+ RedHat Linux 7.3 i686
+ RedHat Linux 7.3 i386
+ RedHat Linux 7.3
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i686
+ RedHat Linux 7.2 i586
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ Sun Linux 5.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus