oss-sec mailing list archives

Re: CVE Request: libesmtp does not check NULL bytes in commonName

From: ArkanoiD <ark () eltex net>
Date: Tue, 16 Mar 2010 16:13:22 +0300

I think the one proposed in draft is the best: it still provides simple
wildcard functionality and does not affect security much. I'd prefer to 
avoid *.*.. wildcards.

Current thread:

Re: CVE Request: libesmtp does not check NULL bytes in commonName, (continued)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Jan Lieskovsky (Mar 09)
  - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 10)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 10)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 11)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 11)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 11)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 11)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 15)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Peter Sylvester (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 17)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 16)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 17)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 17)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 17)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 17)
    - Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 17)

(Thread continues...)