Oval Definition:oval:org.opensuse.security:def:20110411
Revision Date:2022-06-30Version:1
Title:CVE-2011-0411
Description:

The STARTTLS implementation in Postfix 2.4.x before 2.4.16, 2.5.x before 2.5.12, 2.6.x before 2.6.9, and 2.7.x before 2.7.3 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-0411
Mitre CVE-2011-0411
SUSE CVE-2011-0411
openSUSE-SU-2011:0389-1
openSUSE-SU-2011:0389-1
SUSE-SR:2011:008
SUSE-SR:2011:008
SUSE-SR:2011:009
SUSE-SR:2011:009
SUSE-SR:2011:010
SUSE-SR:2011:010
Platform(s):Open Enterprise Server
openSUSE 11.2
openSUSE 11.3
openSUSE 11.4
openSUSE Tumbleweed
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP3 for x86
SUSE Linux Enterprise Desktop 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Desktop 10 SP4 for x86
SUSE Linux Enterprise Desktop 11 SP1
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise Server 10 SP2 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP2 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP2 for x86
SUSE Linux Enterprise Server 10 SP3
SUSE Linux Enterprise Server 10 SP4 for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 for IBM POWER
SUSE Linux Enterprise Server 10 SP4 for IBM zSeries 64bit
SUSE Linux Enterprise Server 10 SP4 for IPF
SUSE Linux Enterprise Server 10 SP4 for x86
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP1 for VMware
SUSE Linux Enterprise Server 11 SP1-TERADATA
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP 10 SP3
SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Teradata 10 SP3 for AMD64 and Intel EM64T
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND pure-ftpd-1.0.22-3.19.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND pure-ftpd-1.0.22-3.25.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND pure-ftpd-1.0.22-3.19 is installed
    • Definition Synopsis
  • Release Information
  • sles10-sp3 is installed
  • AND postfix less than 2.5.6-4.10.1
  • OR Package Information
  • sles10-sp2-ltss is installed
  • AND postfix less than 2.2.9-10.30
  • OR Package Information
  • sles10-sp4 is installed
  • AND postfix less than 2.5.6-4.10.1
  • OR Package Information
  • sles10-sp3 is installed
  • AND pure-ftpd less than 1.0.22-0.20.1
  • OR Package Information
  • sles10-sp4 is installed
  • AND pure-ftpd less than 1.0.22-0.20.1
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND pure-ftpd-1.0.22-3.15.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND pure-ftpd-1.0.22-3.19.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND pure-ftpd-1.0.22-3.25.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND pure-ftpd-1.0.22-3.15 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND pure-ftpd-1.0.22-3.19 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND pure-ftpd-1.0.22-3.25 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • AND
  • postfix-2.5.6-5.6 is installed
  • OR postfix-doc-2.5.6-5.6 is installed
  • OR postfix-mysql-2.5.6-5.6 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND pure-ftpd-1.0.22-3.15 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND pure-ftpd-1.0.22-3.19 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND pure-ftpd-1.0.22-3.25 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed
  • AND
  • postfix-2.5.6-5.6 is installed
  • OR postfix-doc-2.5.6-5.6 is installed
  • OR postfix-mysql-2.5.6-5.6 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND pure-ftpd-1.0.43-1.3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND pure-ftpd-1.0.22-3.25.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND pure-ftpd-1.0.22-3.19.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND pure-ftpd-1.0.22-3.15.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP1-TERADATA is installed
  • AND
  • postfix-2.5.6-5.6.1 is installed
  • OR postfix-doc-2.5.6-5.6.1 is installed
  • OR postfix-mysql-2.5.6-5.6.1 is installed
    • BACK