oss-sec mailing list archives
Re: pure-ftpd STARTTLS command injection / new CVE?
From: Josh Bressers <bressers () redhat com>
Date: Mon, 11 Apr 2011 16:20:07 -0400 (EDT)
----- Original Message -----
Hi, http://www.pureftpd.org/project/pure-ftpd/news states that pure-ftpd is affected by the same STARTTLS injection bug as postifx's CVE-2011-0411. Is this CVE postfix-specific or can it be used for pure-ftpd as well? If needed, can someone assign a new CVE?
Use CVE-2011-1575 for this. Thanks. -- JB
Current thread:
- pure-ftpd STARTTLS command injection / new CVE? Sebastian Krahmer (Apr 11)
- Re: pure-ftpd STARTTLS command injection / new CVE? Mike O'Connor (Apr 11)
- Re: pure-ftpd STARTTLS command injection / new CVE? Steven M. Christey (Apr 11)
- CVE Request -- Cyrus-IMAP STARTTLS issue -- [was: Re: [oss-security] pure-ftpd STARTTLS command injection / new CVE?] Jan Lieskovsky (May 17)
- Re: pure-ftpd STARTTLS command injection / new CVE? Josh Bressers (Apr 11)
- Re: pure-ftpd STARTTLS command injection / new CVE? Mike O'Connor (Apr 11)