Approved changes feed: RSS · Atom
cpe:2.3:a:kerio:connect:7.1.4:*:*:*:*:*:*:*
part: a version: 7.1.4 update: *
| Vendor | Kerio (e69b4c59-3ac5-57d1-90ce-3259775b391e) |
|---|---|
| Product | Connect (a7ce9b2a-539d-5abe-a65f-4486d4db2faa) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2011-1506 |
vulnerable | 2026-06-08 04:57:59.853656 |
Details available
The STARTTLS implementation in Kerio Connect 7.1.4 build 2985 and MailServer 6.x does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. NOTE: some of these details are obtained from third party information.
Published: 2011-03-22T17:00:00.000Z
Updated: 2024-08-06T22:28:41.777Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.