InterNetNews 'STARTTLS' Implementation Plaintext Arbitrary Command Injection Vulnerability

Bugtraq ID: 55146
Class: Input Validation Error
CVE: CVE-2012-3523
Remote: Yes
Local: No
Published: Aug 18 2012 12:00AM
Updated: Mar 19 2015 09:39AM
Credit: The vendor reported this issue.
Vulnerable: Mandriva Linux Mandrake 2011 x86_64
Mandriva Linux Mandrake 2011
ISC INN 2.4.1
ISC INN 2.4 .0
+ OpenPKG OpenPKG 1.3
+ OpenPKG OpenPKG Current
+ Slackware Linux 9.1
+ Slackware Linux 9.0
+ Slackware Linux -current
ISC INN 2.3.3
ISC INN 2.3.2
ISC INN 2.3.1
ISC INN 2.3
ISC INN 2.2.3
ISC INN 2.2.2
ISC INN 2.2.1
- S.u.S.E. Linux 6.3
- S.u.S.E. Linux 6.2
- S.u.S.E. Linux 6.1 alpha
- S.u.S.E. Linux 6.1
- S.u.S.E. Linux 6.0
- S.u.S.E. Linux 5.3
ISC INN 2.2
ISC INN 2.1
ISC INN 2.0
ISC INN 1.7.2
ISC INN 1.7
ISC INN 1.5.1
ISC INN 1.5
ISC INN 1.4 unoff4
ISC INN 1.4 unoff3
ISC INN 1.4 sec2
ISC INN 1.4 sec
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus