Date: Wed, 05 Aug 2009 17:14:36 +0200 From: "Matthias Andree" <matthias.andree@....de> To: oss-security@...ts.openwall.com Subject: CVE request: fetchmail <= 6.3.10 SSL certificate NUL prefix verification bypass Greetings, fetchmail <= 6.3.10 is susceptible to NUL prefix certificates such as www.paypal.com\0.reknowned.site.example. Is there a global CVE ID to collect this vulnerability that is supposed to be reused by applications? If there is, please let me know. If there is not, please assign a new CVE Id. Thanks -- Matthias Andree
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.