Summary: | <net-nntp/inn-2.5.3 - plaintext command injection during the negotiation of a TLS layer (CVE-2012-3523) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Jeroen Roovers (RETIRED) <jer> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.isc.org/software/inn/2.5.3article | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 432256 | ||
Bug Blocks: |
Description
Jeroen Roovers (RETIRED)
2012-08-20 01:07:24 UTC
Arch teams, please test and mark stable: =net-nntp/inn-2.5.3 Stable KEYWORDS : amd64 ppc x86 amd64 stable x86 stable ping ppc64? ppc done CVE-2012-3523 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3523): The STARTTLS implementation in nnrpd in INN before 2.5.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. Thanks, everyone. GLSA vote: yes. Yes, created GLSA request. Nothing else to do for net-news here. This issue was resolved and addressed in GLSA 201401-24 at http://security.gentoo.org/glsa/glsa-201401-24.xml by GLSA coordinator Chris Reffett (creffett). |